Dino sits down with Adeel Shaikh Muhammad, a Dubai-based cybersecurity expert and researcher with 16+ years in IT and OT security. They dive into why IT and OT teams still can't communicate effectively.

The conversation reveals why most CISOs struggle to secure manufacturing environments. Adeel shares real-world insights from securing industrial systems across the Middle East, Africa, and Asia.

They tackle the implementation gap in OT SOCs and why legacy systems remain vulnerable. The discussion covers third-party access risks, OEM warranty restrictions, and system integrator challenges.

AI might finally solve IT-OT convergence by acting as a translator between these worlds. But first, organizations need to master the fundamentals: asset inventory, vulnerability management, and network segmentation.

Most companies still haven't nailed these basics in their industrial environments. This conversation cuts through the hype to focus on what actually works.

Chapters:

1. (00:00:00) - 16 Years in Cybersecurity: Why CISOs Don't Know What a PLC Is
2. (00:01:48) - Career Journey: From IT to OT Cybersecurity Focus
3. (00:02:48) - Books on AI Transforming Security Operations Centers
4. (00:04:44) - The Implementation Gap: Challenges Building OT SOCs
5. (00:06:40) - The IT-OT Cultural Divide and Missing Communication
6. (00:08:40) - Why the OT Ecosystem Must Proactively Bring Cybersecurity Tools
7. (00:10:00) - Can IT-OT Convergence Actually Happen?
8. (00:11:00) - AI as the Bridge: The Black Box Solution for IT-OT Communication
9. (00:12:42) - Legacy Systems Reality: Windows 7 Running $5M Equipment
10. (00:14:00) - OT Cybersecurity Conferences: S4, Intersec, and Rockwell Automation Fair
11. (00:16:00) - Market Consolidation: Who's Been Acquired in OT Security
12. (00:17:48) - Back to Basics: Asset Inventory, Vulnerabilities, and Network Segmentation
13. (00:18:40) - Third-Party Access Control and OEM Warranty Restrictions
14. (00:20:40) - Why We Can't Ignore Asset Inventory and Segmentation in OT Anymore

Links And Resources:

1. Adeel Shaikh Muhammad on LinkedIn
2. Want to Sponsor an episode or be a Guest? Reach out here.
3. Industrial Cybersecurity Insider on LinkedIn
4. Cybersecurity & Digital Safety on LinkedIn
5. BW Design Group Cybersecurity
6. Dino Busalachi on LinkedIn
7. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino tackle one of industrial cybersecurity's most critical challenges in this Rewind episode: the massive gap between IT and OT patching strategies.

IT organizations patch constantly—think Patch Tuesday. OT environments rarely patch at all, creating dangerous vulnerability gaps across connected networks.

The hosts explore why this disconnect exists. Production floor downtime costs are astronomical, making patching a risky business decision.

OEM restrictions complicate matters further. Many vendors won't support systems or warranties after unauthorized updates.

Managing decades-old equipment alongside modern systems creates another layer of complexity. Legacy PLCs weren't designed with patching in mind.

The consequences of not patching are mounting. Insurance companies are tightening requirements and regulatory pressures are intensifying.

Craig and Dino offer practical solutions that don't require shutting down production lines. Virtual patching technologies can protect legacy control systems without traditional software updates.

The hosts emphasize the urgent need for IT-OT collaboration. All stakeholders—including OEMs and system integrators—must be part of strategic cybersecurity conversations.

This episode is essential listening for CISOs, plant managers, and anyone responsible for protecting industrial operations. The connected world isn't waiting for OT to catch up.

Chapters:

1. 00:00:00 - Introduction to Patching Challenges
2. 00:01:08 - IT vs OT Patching: Key Differences
3. 00:02:55 - Understanding the Cost of Downtime in OT
4. 00:03:32 - Overcoming Challenges with Legacy Systems
5. 00:05:21 - Navigating OEMs and Safety Concerns
6. 00:06:45 - The Role of Safety in OT Patching
7. 00:08:52 - Exploring Virtual Patching Solutions
8. 00:13:11 - Enhancing Vendor Collaboration and Risk Management
9. 00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity
10. 00:18:33 - Addressing Insurance and Compliance Issues
11. 00:20:12 - Significant Consequences of Not Patching
12. 00:23:14 - Building an Effective Collaborative Cybersecurity Strategy
13. 00:24:03 - Conclusion and Actionable Insights

Links And Resources:

1. Want to Sponsor an episode or be a Guest? Reach out here.
2. Industrial Cybersecurity Insider on LinkedIn
3. Cybersecurity & Digital Safety on LinkedIn
4. BW Design Group Cybersecurity
5. Dino Busalachi on LinkedIn
6. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

This compilation episode brings together the most critical insights from Industrial Cybersecurity Insider conversations about the fundamental challenges plaguing OT security implementation and management.

Industry experts dissect why traditional IT security approaches fail catastrophically on the plant floor, revealing that the core issue isn't technology—it's ownership, collaboration, and understanding.

From the dangers of deploying endpoint detection without vendor qualification to the millions lost in unplanned downtime, this episode exposes the gap between security theory and operational reality.

Listeners will discover why cybersecurity tools are often shelfware, how the "have and have-not" world creates vulnerability gaps across manufacturing facilities, and what "left of boom" thinking means for preventing incidents before they happen.

Featuring hard-won lessons about shutdown windows, cyber-informed engineering, and the critical importance of building relationships between IT teams and plant floor operations, this episode delivers actionable intelligence for CISOs, plant managers, and anyone responsible for securing industrial control systems.

Chapters:

1. (00:00:00) - Introduction: The Core Problem of Ownership in OT Security
2. (00:01:45) - Why IT Security Approaches Fail on the Plant Floor
3. (00:04:30) - The Cloud Analogy: Lessons for OT Implementation
4. (00:07:15) - The Missing Conversation: Capital Plans and OEMs
5. (00:10:20) - IT vs OT Networks: Different Purposes, Different Risks
6. (00:13:35) - EDR in OT: The Aftermarket Parts Problem
7. (00:16:10) - Cyber-Informed Engineering: Building Security into Design
8. (00:19:45) - The Have and Have-Not World of Plant Security
9. (00:23:20) - Left of Boom: Visibility Beyond Security
10. (00:27:15) - Who Should Lead the OT Security Discussion

Links And Resources:

1. Want to Sponsor an episode or be a Guest? Reach out here.
2. Industrial Cybersecurity Insider on LinkedIn
3. Cybersecurity & Digital Safety on LinkedIn
4. BW Design Group Cybersecurity
5. Dino Busalachi on LinkedIn
6. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and Craig tackle one of manufacturing's most pressing challenges: the OEM blockade. They explore why brand-new equipment often ships with hundreds of unpatched vulnerabilities, how the gap between IT and OT teams creates operational blind spots, and why manufacturers can't rely on traditional IT solutions to secure their plant floors.

From the CrowdStrike incident that took down HMIs to the "ghost in the machine" causing unexplained downtime, they reveal why OT teams must take ownership of their cybersecurity posture and build partnerships with the right ecosystem of OT-focused service providers.

If you've ever wondered why your million-dollar machine center is running Windows 7 or why your cybersecurity reports don't match reality, this episode provides the answers—and a path forward.

Chapters:

1. (00:00:00) - The OEM Blockade Problem
2. (00:01:00) - Understanding OEM Software Lock and Remote Access
3. (00:03:00) - The Reality of Unpatched Vulnerabilities in New Equipment
4. (00:06:00) - The IT/OT Blockade and Convergence Challenges
5. (00:09:00) - Why IT Disciplines Don't Translate to OT Environments
6. (00:11:00) - The CrowdStrike Incident: What Really Happened on Plant Floors
7. (00:13:00) - The Lack of Due Diligence in Manufacturing M&A
8. (00:16:00) - Chasing the Ghost in the Machine
9. (00:19:00) - Process Integrity vs. Cybersecurity Tools
10. (00:22:00) - Why OT Teams Must Take Ownership and Build the Right Partnerships

Links And Resources:

1. Want to Sponsor an episode or be a Guest? Reach out here.
2. Industrial Cybersecurity Insider on LinkedIn
3. Cybersecurity & Digital Safety on LinkedIn
4. BW Design Group Cybersecurity
5. Dino Busalachi on LinkedIn
6. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino tackle one of the most pressing challenges in industrial cybersecurity: the disconnect between IT security teams and operational technology environments.

They explore why traditional CISOs struggle to protect manufacturing plants despite their best intentions, revealing that most security executives get 30 minutes or less per quarter to present cyber risks to their boards—leaving little time to address the complexities of OT environments they barely understand.

The conversation digs into the fundamental differences between enterprise IT and plant floor operations, where safety and uptime trump traditional security approaches, and where telling an engineer to remove a Windows 7 machine from the network might mean shutting down millions of dollars in production.

Craig and Dino make a compelling case for why external expertise, cross-functional collaboration, and a fundamental shift in how organizations approach industrial cybersecurity are not just recommended—they're essential for survival in an evolving threat landscape where adversaries only need to get lucky once.

Chapters:

1. (00:00:00) - The IT Security Mindset vs. OT Reality
2. (00:01:00) - Has the CISO Really Engaged with Industrial Cybersecurity?
3. (00:03:00) - The Disconnect: IT Owns the Network, OT Owns the Assets
4. (00:05:00) - What CISOs Don't Know About the Plant Floor
5. (00:07:00) - Safety and Uptime: The Top Two Priorities CISOs Must Understand
6. (00:10:00) - The Asset Visibility Problem: Do You Really Know What's Out There?
7. (00:13:00) - 30 Minutes or Less Per Quarter: The CISO's Impossible Task
8. (00:16:00) - Why External Expertise Isn't Optional Anymore
9. (00:19:00) - The Cyber Insurance Myth: Why Your Policy Won't Save You
10. (00:22:00) - Secure by Demand: Holding Vendors Accountable
11. (00:25:00) - Getting to the "Know": Where to Start and What to Ask

Links And Resources:

1. Want to Sponsor an episode or be a Guest? Reach out here.
2. Industrial Cybersecurity Insider on LinkedIn
3. Cybersecurity & Digital Safety on LinkedIn
4. BW Design Group Cybersecurity
5. Dino Busalachi on LinkedIn
6. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this rewind episode, Craig and Dino tackle a critical disconnect in industrial cybersecurity: the gap between IT teams deploying OT security tools and the plant floor teams who desperately need the data these tools collect.

They reveal why 85% of data from industrial cybersecurity platforms is meant for OT personnel, yet rarely reaches them.

The conversation exposes how organizations invest heavily in tools like IDS platforms but fail to share vulnerability data, asset inventories, and network intelligence with the system integrators, OEMs, and plant teams actually working on their control systems.

Craig and Dino discuss the consequences of this siloed approach—from incomplete asset visibility to duplicated tooling—and offer practical guidance on achieving true IT-OT convergence.

They emphasize that organizations must work with partners who can "build the car, not just buy it," and stress the importance of tabletop exercises, proper vendor vetting, and collaborative frameworks that include the entire industrial ecosystem in cybersecurity planning and execution.

Chapters:

1. (00:00:00) - The Growing Problem: OT Teams Lack Access to Critical Security Data
2. (00:01:47) - IT-OT Convergence in Practice: Are We Really Doing It?
3. (00:04:42) - Why IT Teams Keep Security Data Siloed from Plant Floor Partners
4. (00:06:38) - The Consequence: System Integrators Bring Their Own Tools
5. (00:08:38) - The Disconnect Between IT Security Tools and OT Reality
6. (00:11:48) - How to Bridge the Gap: Questions System Integrators Should Ask
7. (00:15:42) - Vetting Your Security Partners: Can They Build the Car or Just Buy It?
8. (00:17:46) - The Three-Legged Stool: Why IT-Only Security Fails in Manufacturing
9. (00:20:48) - Action Steps: Creating a Comprehensive List of Your Industrial Ecosystem
10. (00:22:48) - Final Thoughts: Moving Beyond Security Theater to True Collaboration

Links And Resources:

1. Want to Sponsor an episode or be a Guest? Reach out here.
2. Industrial Cybersecurity Insider on LinkedIn
3. Cybersecurity & Digital Safety on LinkedIn
4. BW Design Group Cybersecurity
5. Dino Busalachi on LinkedIn
6. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino sits down with cybersecurity expert Wil Klusovsky to discuss the massive gap between IT security practices and OT reality. With 26 years of experience, Wil shares his unconventional journey into operational technology and reveals why most security tools end up as shelfware on plant floors.

They dive deep into the communication breakdown between CISOs and plant operations, the critical role of system integrators and OEMs that IT leaders often ignore, and why the "air gap" myth continues to put manufacturing facilities at risk.

Wil breaks down his framework for speaking to boards in language they understand, emphasizing business impact over technical jargon.

The conversation covers everything from the challenges of MFA implementation in OT environments to why patching isn't always the answer. They discuss how organizations can build effective OT security programs by making cybersecurity everyone's responsibility - not just IT's problem.

Chapters:

1. (00:00:00) - Opening: The $50K Security Investment That Nobody Uses
2. (00:01:00) - Will's Unconventional Journey Into OT Cybersecurity
3. (00:03:45) - The Communication Gap Between IT and OT Teams
4. (00:07:15) - Why Asset Visibility Tools Miss 135% of Your Equipment
5. (00:10:30) - Speaking Board Language: Revenue Loss vs. Technical Jargon
6. (00:13:25) - The Missing Third Leg: System Integrators and OEMs
7. (00:17:30) - Making Cybersecurity Everyone's Job, Not Just IT's Problem
8. (00:21:15) - Why Patching Isn't Always the Answer in OT Environments
9. (00:25:45) - The Reality Check: Physical Security in Manufacturing Plants
10. (00:28:30) - Building a Cybersecurity Program as a Journey, Not a Destination

Links And Resources:

1. Wil Online Linktree
2. Wil Klusovsky on LinkedIn
3. Want to Sponsor an episode or be a Guest? Reach out here.
4. Industrial Cybersecurity Insider on LinkedIn
5. Cybersecurity & Digital Safety on LinkedIn
6. BW Design Group Cybersecurity
7. Dino Busalachi on LinkedIn
8. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Katie O'Brien shares her unconventional journey from music teacher to industrial cybersecurity expert, bringing over 25 years of IT experience into the OT world.

In this conversation with Dino, Katie discusses the critical gaps in OT cybersecurity—from the lack of university programs teaching industrial security to the disconnect between IT and OT teams.

They explore why system integrators and OEMs fail to design cybersecurity into new manufacturing projects from the start, compare it to building cars without safety features, and discuss the emergence of managed services in the OT space.

Katie explains how Garland Technology helps organizations get visibility into aging infrastructure with unmanaged switches, and both hosts emphasize the urgent need for the OT ecosystem to drive cybersecurity conversations proactively rather than waiting for IT teams who may never have walked the plant floor.

Chapters:

• (00:00:00) - The Hard Truths About OT Security Nobody Wants to Hear
• (00:01:06) - Katie's Unconventional Journey: From Music Teacher to OT Cybersecurity Expert
• (00:04:00) - The Current State of OT Cybersecurity and Future Directions
• (00:06:00) - The Education Gap: Why Universities Aren't Teaching Industrial Cybersecurity
• (00:08:00) - The Disconnect Between IT/Security Teams and OT Operations
• (00:10:00) - Designing Cybersecurity Into New Manufacturing Projects From the Start
• (00:13:00) - IT Teams Who've Never Walked the Plant Floor
• (00:16:00) - The Emergence of Managed Services in the OT Space
• (00:18:00) - Garland Technology: Getting Visibility Into Aging Infrastructure
• (00:19:00) - Software Defined Automation and the Future of Industrial Control
• (00:22:00) - Why the OT Ecosystem Must Drive the Cybersecurity Conversation
• (00:24:00) - The Real Cost of Downtime and Cyber Incidents in Manufacturing

Links And Resources:

• Katie O'Brien on LinkedIn
• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino sits down with industrial automation and industrial cybersecurity expert Kevin Kumpf, fresh off the floor of Rockwell Automation Fair 2025.

They discuss why OT managed services are finally becoming viable for manufacturing, the critical 80/20 split between people and technology challenges, and how the industry's "silver tsunami" of retiring talent is forcing a reckoning.

Kevin shares insights on building unified platforms that can manage everything from 30-year-old paper tape systems to AI-powered smart factories, why IT's "patch now" mentality fails in OT environments, and how the DG 360 platform is delivering true cyber-physical convergence today - not tomorrow.

They discuss the reality that most OT cybersecurity tools only discover 30% of plant assets, the importance of human-in-the-loop decision making, and why the OT ecosystem - not IT - must drive the managed services revolution.

This is a must-listen for anyone struggling with the complexity of protecting and managing modern manufacturing facilities.

Chapters:

• (00:00:00) - Introduction and Rockwell Automation Fair Recap
• (00:01:43) - The OT Managed Services Evolution and Rebranding
• (00:04:15) - The Three-Legged Stool: IT, OT, and OEMs
• (00:07:32) - Point Solutions vs. Unified Platforms in Manufacturing
• (00:10:45) - The DG 360 Vision: 360-Degree Plant Visibility
• (00:14:28) - The Silver Tsunami and Training Challenges
• (00:18:22) - Alert Fatigue and Actionable Intelligence
• (00:22:45) - Software Defined Automation and Legacy Systems
• (00:26:18) - Why OT Must Drive the Cybersecurity Conversation
• (00:30:35) - Real-Time Demo and Implementation Readiness

Links And Resources:

• Kevin Kumpf on LinkedIn
• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Former U.S. Secret Service Special Agent Richard LaTulip joins Craig Duckworth to reveal the hidden world of cyber criminal networks and infrastructure attacks.

Drawing from his undercover work infiltrating dark web forums and catching some of the world's most sophisticated threat actors, Richard breaks down why traditional security approaches fail, how ransomware attacks actually cost organizations millions if not billions beyond the ransom payment itself, and why the timeline between compromise and detection has shrunk from months to minutes.

He shares jaw-dropping statistics on vulnerability management failures, explains how adversaries are using AI to become exponentially more dangerous, and provides actionable insights for building resilient security programs that protect what matters most to your business.

Whether you're defending critical infrastructure or managing security for a manufacturing organization, this conversation offers a rare insider perspective on the evolving threat landscape and what it takes to stay ahead of increasingly sophisticated cyber criminals.

Chapters:

• (00:00:00) - Meet the Ex-Secret Service Agent Who Infiltrated Underground Cyber Criminal Networks
• (00:03:00) - Inside Operation Carder Kaos: Going Undercover in the Dark Web
• (00:06:00) - The Real Price Tag: Why Ransomware Costs Go Far Beyond the Ransom
• (00:11:00) - When Production Lines Go Dark: The Hidden Costs of Manufacturing Downtime
• (00:14:00) - Reality Check: How Prepared Is Your Organization for a Cyber Attack?
• (00:17:00) - The AI Arms Race: How Adversaries Are Weaponizing Artificial Intelligence
• (00:21:00) - 2027 Threat Landscape: What Keeps a Field CISO Up at Night
• (00:24:00) - Follow the Bitcoin: How Cyber Criminals Launder Billions Through Cryptocurrency
• (00:31:00) - Why Speed Matters: The Critical Window for Law Enforcement Notification
• (00:33:00) - The Security Leader's Playbook: Threat Intelligence + Business Context

Links And Resources:

• Richard LaTulip on LinkedIn
• Richard's Book: Operation Carder Kaos
• Recorded Future
• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!