2026 Dragos OT Report: Foreign Adversaries Inside Utility Networks + How to Protect Your OT Environment

In this Off The Wire episode, Anthony and Tanner break down the 2026 Dragos OT report, describing it as sobering and highlighting claims that foreign adversaries are already embedded in U.S. utility networks. They discuss how these actors differ from typical fast-moving ransomware by staying hidden, mapping OT environments, studying SCADA points, alarms, configuration files, and normal process behavior, with detection potentially taking days even in best cases.

The conversation covers attacker specialization and handoffs between teams for initial access, reconnaissance, and exploitation, sometimes involving transactions between groups. They highlight the gap between vulnerability disclosure, patch availability, and exploitation (reported as ~24 days), and emphasize the need for mitigation beyond patching. Visibility is a major theme: only 46% reportedly have OT monitoring, with average detection cited as ~5 days with monitoring versus ~42 days without, often only discovered after something breaks. They discuss why OT is hard to secure (limited logging, fragile legacy systems, insecure protocols like Telnet/LDAP, flat networks, and weak IT/OT separation) and why monitoring helps detect anomalies and insecure traffic. The episode also addresses third-party and remote-access risk, including targeting of engineering firms and edge devices, exploitation of cellular router devices, and the growing reliance on stolen credentials and valid logins (including MFA fatigue), citing a stat that 73% of breaches involve stolen credentials. They note a reported 49% increase in ransomware groups affecting OT, 119 groups targeting OT, and over 3,300 impacted OT environments, with many OT incidents misclassified as IT-only. The hosts recommend focusing on fundamentals: an OT incident response plan, asset inventory, behavior-based monitoring, tight restrictions on remote access, and unique credentials supported by password managers. They announce a five-episode miniseries springboarding from this overview, with upcoming episodes on OT monitoring/visibility, securing users via a secure browser approach, improving email defenses against phishing, and revisiting third-party remote access.

00:00 Dragos 2026 OT Report: Why This One Hits Different

01:24 Adversaries Already Inside: Quiet Recon in Utility OT Networks

02:59 Specialized Attack Teams & Access Handoffs (Initial Access → Recon → Exploit)

05:07 Patch Lag vs Exploit Speed: Why Mitigation Matters in OT

06:24 Visibility Gap: OT Monitoring Stats and Detection Time Reality

07:49 Why OT Monitoring Works: Protocols, Anomalies, and Holistic Context

09:56 Third-Party Remote Access: Vendors, VPNs, Edge Devices, and Cellular Routers

13:07 Valid Credentials Are the New Exploit: Detecting “Legit” Logins

17:06 Ransomware Moves Into OT: Scale, Misclassification, and Rising Risk

18:56 Old Problems Still Breaking OT: Flat Networks, Legacy Protocols, No Segmentation

22:15 Disruption Is the Goal: OT Security Fundamentals to Focus On Now

25:58 Mini-Series Preview + Final Takeaways (Stolen Credentials, Next Episodes)

29:01 Wrap-Up and What’s Next: OT Monitoring & Visibility Episode Teaser

Cost-Saving Strategies for IT: Reports vs Alerts & Beyond | Off the Wire Podcast

In this episode of Off the Wire Podcast, we dive deep into effective cost-saving strategies for IT departments. We discuss the pros and cons of reports versus alerts, the rising costs of technology, and how to make every dollar count. We also share insights on consolidating tools and platforms, justifying hardware and software expenses, and leveraging AI to maximize efficiency. Join us as we explore practical tips to help you save money and optimize resources amidst an environment of increasing costs. Don't miss our real-world examples and actionable advice to streamline your IT operations!

00:00 Introduction Hook: Reports vs Alerts

Preparing for the Storm: Effective Risk Management & Crisis Planning

In this episode of 'Off the Wire,' join Hosts Anthony and Tanner as they discuss the essential strategies for preparing for impending storms, particularly how to handle weather-related crises, with a focus on risk management and maintaining efficiency. Topics covered include the importance of having a storm prep checklist, the necessity of contingency plans, the balance of mitigating risks while maintaining operational flexibility, and the crucial role of effective communication and leadership during a crisis. Listen in for invaluable insights on how to ensure the safety of personnel and continuous operation of essential services during critical events.

00:00 Introduction and Setting the Scene

00:11 Storm Preparation Mindset

01:02 High-Level Storm Preparation Process

01:20 Detailed Preparation Steps

03:20 Importance of Checklists and Risk Assessment

05:37 Technology and Field Operations

08:38 Internet Connectivity During Storms

12:02 Managing Personnel During Crises

19:17 Flexibility and Adjustments During Crises

25:23 Final Thoughts and Tips

29:35 Closing Remarks

Effective Communication: Key Tips for IT and End Users

In this episode of Off The Wire, we dive into the challenges and solutions for effective communication between IT professionals and end users. Through realistic role-playing scenarios, we highlight common issues and frustrations faced when trying to extract necessary details for troubleshooting. Our hosts share actionable advice for both IT personnel and non-IT staff on how to provide clear, specific information, making the problem-solving process more efficient. Tune in to learn useful tips that can improve workflow and response times in your organization.

00:00 Introduction and Initial Problem

00:15 Understanding the Issue

00:47 Challenges in IT Communication

01:52 Effective Communication Strategies

04:26 Generational Differences in IT

06:12 Importance of Detailed Information

09:03 Ticketing Systems and Prioritization

17:33 Role-Playing Scenarios

20:10 Common IT Issues and Solutions

24:01 Final Thoughts and Communication Tips

30:48 Conclusion and Call to Action

Off The Wire: Reflecting on Cybersecurity and Organizational Implementations

In this episode of 'Off The Wire,' hosts Anthony and Tanner reflect on past episodes and discuss the various strategies and innovations they've implemented at their organization. They cover key topics such as cybersecurity, asset management, backup testing, employee mental health, and training methods. The episode dives into specific episodes like 'Low-Cost, High-Impact Cybersecurity Investments,' 'Zero Trust,' and 'Talent Tetris,' providing insights on how they've taken their learnings to enhance their company's safety, efficiency, and employee satisfaction. Join them as they share practical advice, valuable lessons, and their goals for future implementations.

00:00 Introduction and Reflection

01:12 Implementing Crown Jewels Concept

02:12 Zero Trust Network Implementation

03:17 CIS Benchmarks and Hardening Systems

05:20 Talent Tetris: Building the Perfect Team

07:38 Communicating with Leadership

09:52 Remote Access Solutions

13:55 Low Cost, High Impact Cybersecurity Investments

16:50 Backup Testing and Cloud Recovery

19:30 Breaking Up With One and Done Training

22:28 Employee Mental Health and Leadership

27:14 Bonus: Future Implementations

31:18 Conclusion and Final Thoughts

Top 5 Reasons Why Software Projects Fail and How to Avoid Them | Off the Wire Podcast

In this episode of Off the Wire, hosts Tanner and Anthony dive into the top reasons why software projects fail and share practical tips on how to avoid these common pitfalls. They discuss a range of crucial points, including the importance of keeping solutions simple, building strong user rapport, effective communication strategies, comprehensive training, and the value of user input. If you're in the midst of rolling out a new technology project or planning one for the future, this episode is packed with valuable insights to help ensure your project's success. Tune in as they share personal anecdotes, industry best practices, and engage in a thoughtful discussion aimed at improving your project management skills.

00:00 Welcome and Year-End Reflections

00:31 Holiday Chaos and Project Planning

01:20 The Importance of Year-End Reviews

02:10 Discussing Project Failures

02:51 Impact of Failed Projects on Teams

03:29 Balancing Risk and Simplicity in Projects

03:39 Real-Life Example of Project Impact

05:42 Top Five Reasons Projects Fail

06:26 Complicated Solutions and the KISS Method

08:24 Building Rapport and Empathy with Users

10:35 The Final 5%: Completing Projects Fully

13:57 Effective Communication Strategies

17:23 Training and Vendor Reliance

19:27 Quick Response to Issues and Drip Campaigns

21:05 Gathering Feedback and Following Up

21:46 Appreciation and Podcast Growth

23:05 Weak Testing and QA Issues

26:16 Challenges of Rapid Change

29:16 Importance of User Input

32:10 Effective Training Strategies

38:20 Final Thoughts and Community Support

Marketing IT: Making Your Department's Value Known

In this episode, Tanner and Anthony discuss the challenges IT departments face in communicating their value within an organization. They explore methods for showcasing daily work and major projects to both employees and senior leadership. Key topics include effective internal marketing, handling visibility problems, and balancing technology wins with transparency about challenges. The episode also features a fun game where the hosts put each other on the spot to come up with marketing strategies for various IT scenarios. Whether you're struggling with perception issues or looking to improve your communication strategy, this episode offers valuable insights and practical tips.

00:00 Understanding the Importance of Communication in IT

00:48 Common Misconceptions About IT Roles

02:43 The Visibility Problem in IT Departments

03:36 The Impact of Improved IT Systems

05:21 The Role of Security Tools in IT

06:36 The Challenge of IT Perception

10:30 The Importance of Framing Communication

17:30 Sharing Technology Wins and Success Stories

23:25 Celebrating Security Wins

24:18 Importance of Employee Testimonials

26:07 Branding IT Solutions

28:18 Communicating IT's Value to Leadership

30:08 Transparency in IT Struggles

31:26 Effective Metrics and Reporting

33:34 Marketing IT Initiatives

38:10 Interactive Marketing Exercise

45:19 Key Takeaways and Final Thoughts

Empowering Communities: The Impact of Excellent Local Government Leadership

Join us in this episode of Off the Wire as we interview Glenn Hasteadt, a retired IT director and longtime leader in local government. Glenn shares his insights on the importance of great government leadership, the impact technology has on communities, and the lessons he's learned throughout his career. From managing emergency services during Hurricane Florence to fostering a supportive and dynamic work culture, this conversation explores the numerous ways local government can uplift communities, states, and even the nation. Tune in to discover how intentional leadership and empathy can make a real difference in public service.

00:00 The Power of Great Local Government

00:50 Introducing Glenn Hasteadt

01:39 Debunking Myths About Local Government

04:34 Handling Crises and Team Dynamics

08:42 Building a Strong Team Culture

12:40 Leadership Lessons and Personal Growth

15:18 Communication in Crisis Situations

23:13 Resourcefulness in Local Government

25:35 The Impact of Local Government IT

30:47 Final Thoughts and Farewell

Welcome back to the Off the Wire Podcast! In this episode, we dive deep into the world of cybersecurity from an offensive standpoint. We sit down with Slade, the President of Contextual Security Solutions, to uncover what truly works in defending against real attack methods. Slade shares captivating stories and practical insights on penetration testing tools, the effectiveness of current security solutions, and the importance of visibility in cybersecurity. We discuss everything from the impact of technical configuration and tuning to the challenges of ransomware as a service. Learn how to communicate effectively with senior leadership, understand the significance of a dedicated cybersecurity budget, and get advice on the traits to look for when building a cybersecurity team. Real-world examples and fascinating anecdotes make this episode a must-watch for anyone interested in enhancing their cybersecurity posture. Don't miss out on Slade's valuable knowledge and entertaining demonstrations that aim to increase awareness and security mindfulness. Get ready to take notes and share this insightful discussion with your peers!

00:00 Introduction to Cybersecurity Podcast

00:23 Meet Slade: The Cybersecurity Expert

00:48 Slade's Attention-Grabbing Demos

05:30 Memorable Pen Testing Stories

08:51 Challenges in Cybersecurity

11:49 Small IT Departments and Security

16:12 Effective Security Measures

24:41 Business and Technical Perspectives

29:41 The Importance of Measurement and Incentives

31:05 Emerging Technologies and AI Challenges

33:24 Cybersecurity Threats and Preparedness

43:56 Soft Skills and Career Advice

46:55 Technical Skills and Budgeting in Cybersecurity

49:05 Reflections and Personal Growth

53:59 Future Topics and Final Thoughts

Meeting People Where They Are: A Cybersecurity Journey with Lindsay

Join us in this insightful episode of the Off the Wire podcast as we welcome Lindsay, a cybersecurity professional who transitioned from a decade in real estate to making impactful strides in the world of cybersecurity. Lindsay shares her unique journey, beginning with multinational moves from Minnesota to Hawaii to South Dakota, and ultimately settling in Colorado. She speaks candidly about the ethics of real estate, a chance podcast that led her to reconsider her career, and her dive into the world of cybersecurity education.

Lindsay discusses the importance of patience, empathy, and understanding users' backgrounds to effectively teach cybersecurity. She also sheds light on the value of community support through organizations like ISSA, her experience with micro training, and the challenges and opportunities presented by AI in the cybersecurity landscape. Don't miss Lindsay's tips on how to improve cybersecurity awareness in organizations and her special focus on training for small businesses and seniors.

00:00 Introduction and Guest Welcome

00:35 Lindsay's Early Life and Career Path

02:10 Transition from Real Estate to Cybersecurity

04:39 Impact of Political Science Degree on Cybersecurity Career

08:07 Teaching Cybersecurity in Plain Language

13:21 Building Trust and Positive Culture in Cybersecurity

17:40 Tailoring Cybersecurity Training for Small Businesses and Seniors

21:43 Building Engagement in Classes

21:56 Advice for New Instructors

22:31 Humorous Classroom Anecdotes

22:57 Encouraging Listener Interaction

23:21 Introduction to ISSA

24:07 The Cybersecurity Community

26:02 Networking and Career Growth

27:18 The Importance of Community

29:15 Women in Cybersecurity

32:08 Overcoming Imposter Syndrome

35:52 The Future of Cybersecurity Training

37:01 The Impact of AI on Cybersecurity

39:14 Effective Communication in Cybersecurity

41:15 Final Thoughts and Contact Information