Jay Catherine, security architect for a major retailer, joins the Nexus Podcast to discuss the intricacies of securing logistics and operational technology within the retail sector. 

Catherine covers various aspects of logistics cybersecurity, including risks introduced by connecting OT and IoT to the network, and the challenges of managing third-party vendor and supply chain relationships. 

He also discusses his unconventional career path, from hockey broadcaster to his current cybersecurity role. 

Listen and subscribe to the Nexus Podcast.

Feedspot has named Nexus a top IoT security podcast for 2025

Greg Garcia, Executive Director of the Health Sector Coordinating Council Cybersecurity Working Group, joins the Nexus Podcast to discuss the recent publication of the working group’s Sector Mapping and Risk Toolkit. 

The SMART toolkit is a methodology that helps healthcare providers visualize key services that support workflows in the industry and is also used to measure risk appropriately for each of those services.

Listen and subscribe to the Nexus Podcast. 

Get the SMART Toolkit here. 

O'Reilly coauthor of Evidence-Based Security and longtime healthcare CISO Christopher Frenz joins the Nexus podcast to describe his organization's approach to cybersecurity that is rooted in transforming security from an artform to a science. 

Frenz discusses how this process through how he tests the efficacy of controls in his environment, and how the insights gained from this testing have allowed him to move toward better metrics and a better working relationship with leadership and the board. 

Listen and subscribe to the Nexus Podcast. 

Retired four-star U.S. Navy Admiral Michael S. Rogers joins the Nexus Podcast for a wide-ranging discussion on deterrence in cyberspace and an examination of adversarial tactics and strategies. 

Adm. Rogers explains that deterrence relies on having the will to employ tactics that will reshape the choices adversaries are making in the targeting of U.S. critical infrastructure. 

Adm. Rogers also touches on Congress' failure to re-authorize the Cybersecurity Information Sharing Act (CISA 15) and what it means for defenders as the reauthorization deadline passes, and the resource challenges affecting adequate protection of critical infrastructure. 

Listen and subscribe to the Nexus Podcast.

Bob Maley, Chief Security Officer at Black Kite and former CISO for the Commonwealth of Pennsylvania, joins the Nexus Podcast to discuss how critical infrastructure operators and state and local governments are meeting cybersecurity resourcing challenges. Whether it's budgets, workforce shortages, or technical debt, security leaders are facing volatile times in protecting critical sectors. 

Listen and subscribe to the Nexus Podcast.

Pankaj Goyal, Chief Operating Officer at Safe Security, joins the Nexus Podcast to discuss the challenges cyber insurance carriers and brokers have in determing and providing coverage for asset heavy operational technology (OT) and cyber-physical systems (CPS) environments. 

Underwriters have prolific amounts of historical data and experience in calculating risk and exposure around IT, but cannot say the same for OT. 

Goyal discusses how fragmentation in the OT ecosystem, along with an ever-expanding attack surface, is contributing to the challenges around properly insuring these environments. 

Listen and subscribe to the Nexus Podcast

Rui Ataide, Managing Security Consultant at GuidePoint Security, joins the Nexus Podcast to discuss his experiences negotiating with ransomware gangs on behalf of victimized organizations. 

Ataide covers the nuances, processes, and methodology of negotiating with groups. He also explains how extortion and data theft has changed the risk management calculus for victims, and how cybersecurity insurance figures into negotiations. 

Listen and subscribe to the Nexus Podcast

Salvatore Gariuolo, a senior threat researcher at Trend Micro, joins the Nexus Podcast to discuss safe EV charging and in particular, the ISO 15118 standard meant to create a trusted environment for electric vehicle charging. 

Gariuolo contends that while ISO 15118 offers substantial improvements that reduce pressure on the grid, and also introduces a handful of cybersecurity enhancements, it is not sufficient to fully secure the EV charging ecosystem.

Listen and subscribe to the Nexus Podcast

Noam Moshe, Research Director for Claroty Team82, joins the Nexus Podcast live at the Black Hat Briefings in Las Vegas to discuss research that was presented here on the security of a popular video surveillance platform manufactured by Axis Communications. 

Moshe describes how Team82 examined the proprietary protocol supporting Axis servers and clients (camera) and uncovered four vulnerabilities that could be chained to eventually gain pre-authentication remote-code execution. 

Moshe explains Team82's research process, the risks to users, and the successful disclosure process with Axis Communication that resulted in prompt patches available for the servers and camera platforms. 

Read Team82's research blog here

Listen and subscribe to the Nexus Podcast

Dan Berte, director of IoT security at Bitdefender, joins the Nexus Podcast to join his team's ongoing research into the security of solar grid inverters and three serious vulnerabilities uncovered in the popular Deye Solarman management platform.

Dan discusses his team's research, the disclosure process, and the implications on green energy initiatives overall. With the growing popularity of these platforms, Berte cautions that attackers are going to continue to analyze their security for weaknesses and attempt to exploit them. 

Listen to the Nexus Podcast on your favorite podcast platform.