Sign up to save your podcasts
Or
Share OT Risk Management That Works: Asset Visibility, Risk Quantification & CISO-Level Strategy
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
OT Risk Management That Works: Asset Visibility, Risk Quantification & CISO-Level Strategy
You can’t manage risk you can’t measure - or even see.
In this episode of Protect It All, host Aaron Crow sits down with Nicholas Friedman to explore how organizations can move beyond compliance and build real, measurable cybersecurity programs across IT and OT environments.
With experience spanning banking, aerospace, and critical infrastructure, Nicholas shares how risk management principles translate across industries - and why understanding business context is critical to protecting operational systems.
This conversation dives into one of the biggest challenges in OT today: asset visibility and risk quantification. From outdated spreadsheets to modern automation, Aaron and Nicholas break down what it actually takes to understand exposure, justify investment, and communicate risk at the board level.
You’ll learn:
Whether you’re leading a cybersecurity program, managing OT environments, or presenting to the board, this episode delivers practical strategies to align security with business value and measurable outcomes.
Tune in to learn how to turn cybersecurity into a risk-driven, business-aligned strategy - only on Protect It All.
Key Moments:
05:14 Understanding business risk basics
08:40 Building effective OT cybersecurity teams
13:26 Challenges with aging IT and OT systems
14:19 Organizing IT and OT assets
18:31 Understanding OT and IT risks
21:53 Evaluating security risks and priorities
25:31 Improving asset deployment and management
29:14 Evaluating and prioritizing risks
31:12 Shifting focus to success plans
35:59 Selling tech that delivers results
37:22 Hands-on approach to cybersecurity
42:39 Challenges with NERC audit processes
44:47 Balancing compliance and security
49:45 Challenges in power utility operations
51:55 AI, OT, and risk management
56:31 Importance of early compliance planning
About the guest :
Nicholas Friedman is an enterprise risk and governance leader with 25+ years of experience across Fortune 500 companies and government sectors. He specializes in integrated risk management, compliance, and AI governance - helping organizations build scalable frameworks that align security, risk, and business resilience.
How to connect Nicholas Friedman :
Linkedin : https://www.linkedin.com/in/nicholasfriedman/
Website : https://www.templarshield.com/
Connect With Aaron Crow:
Learn more about PrOTect IT All:
To be a guest or suggest a guest/episode, please email us at [email protected]
Please leave us a review on Apple/Spotify Podcasts:
Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124
Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4
View all episodes
By Aaron Crow
5
77 ratings
You can’t manage risk you can’t measure - or even see.
In this episode of Protect It All, host Aaron Crow sits down with Nicholas Friedman to explore how organizations can move beyond compliance and build real, measurable cybersecurity programs across IT and OT environments.
With experience spanning banking, aerospace, and critical infrastructure, Nicholas shares how risk management principles translate across industries - and why understanding business context is critical to protecting operational systems.
This conversation dives into one of the biggest challenges in OT today: asset visibility and risk quantification. From outdated spreadsheets to modern automation, Aaron and Nicholas break down what it actually takes to understand exposure, justify investment, and communicate risk at the board level.
You’ll learn:
Whether you’re leading a cybersecurity program, managing OT environments, or presenting to the board, this episode delivers practical strategies to align security with business value and measurable outcomes.
Tune in to learn how to turn cybersecurity into a risk-driven, business-aligned strategy - only on Protect It All.
Key Moments:
05:14 Understanding business risk basics
08:40 Building effective OT cybersecurity teams
13:26 Challenges with aging IT and OT systems
14:19 Organizing IT and OT assets
18:31 Understanding OT and IT risks
21:53 Evaluating security risks and priorities
25:31 Improving asset deployment and management
29:14 Evaluating and prioritizing risks
31:12 Shifting focus to success plans
35:59 Selling tech that delivers results
37:22 Hands-on approach to cybersecurity
42:39 Challenges with NERC audit processes
44:47 Balancing compliance and security
49:45 Challenges in power utility operations
51:55 AI, OT, and risk management
56:31 Importance of early compliance planning
About the guest :
Nicholas Friedman is an enterprise risk and governance leader with 25+ years of experience across Fortune 500 companies and government sectors. He specializes in integrated risk management, compliance, and AI governance - helping organizations build scalable frameworks that align security, risk, and business resilience.
How to connect Nicholas Friedman :
Linkedin : https://www.linkedin.com/in/nicholasfriedman/
Website : https://www.templarshield.com/
Connect With Aaron Crow:
Learn more about PrOTect IT All:
To be a guest or suggest a guest/episode, please email us at [email protected]
Please leave us a review on Apple/Spotify Podcasts:
Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124
Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4
More shows like PrOTect It All
View all
The Joe Rogan Experience
229,674 Listeners
CyberWire Daily
1,028 Listeners
Darknet Diaries
8,077 Listeners
![Talkin' Bout [Infosec] News by Black Hills Information Security](https://podcast-api-images.s3.amazonaws.com/corona/show/516141/logo_300x300.jpeg){kind=logo}
Talkin' Bout [Infosec] News
94 Listeners
Cybersecurity Headlines
139 Listeners
Hack the Plant
25 Listeners