Sign up to save your podcasts
Or
Share OT Security Isn't an IT Problem: What it Takes to Get it Right
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
OT Security Isn't an IT Problem: What it Takes to Get it Right
Craig sits down with Wil Klusovsky, a 26-year cybersecurity veteran and CRO at viLogics, to break down why asset visibility and exposure management are the foundation of any solid OT security strategy.
From the myth of the air-gapped shop floor to the real-world math behind quantifying cyber risk in dollars and cents, Will and Craig explore how manufacturers can move beyond fear-based selling, bridge the gap between IT and operations, and build programmatic cybersecurity that protects both production uptime and the bottom line.
They discuss how to frame cyber risk as business risk, why compensating controls and context matter more than raw vulnerability numbers, and why the CISO's real job is "chief inside selling officer."
Chapters:
- (00:00:00) - Welcoming Will to the Podcast!
- (00:02:12) - Why Asset Visibility Is the Starting Point for OT Security
- (00:03:48) - The Air Gap Myth and Legacy Systems on the Shop Floor
- (00:04:52) - Translating Cyber Risk Into Dollars and Cents
- (00:07:05) - Quantifying Downtime: Mean Time to Recovery and True Cost of Ownership
- (00:09:55) - Risk Appetite: Spend to Mitigate or Accept the Exposure?
- (00:11:32) - Who Really Owns the Risk? Executives, Not CISOs
- (00:13:00) - Uptime, OEE, and Why Cybersecurity Risk Is Business Risk
- (00:15:45) - Remote Access Risks and Competing Priorities on the Shop Floor
- (00:18:04) - The "Chief Inside Selling Officer" — Getting Buy-In Before Budget
- (00:19:48) - The Get Out of Jail Free Card: Aligning Incentives Across Teams
- (00:22:30) - Context Over CVE Counts: 600 Critical Vulns, Zero Exploitable
- (00:25:42) - Prioritizing Remediation by Business Impact, Not Severity Score
- (00:26:30) - Wrap-Up and Part 2 Preview: Business Impact Analysis
Links And Resources:
- Wil Klusovsky on LinkedIn
- Want to Sponsor an episode or be a Guest? Reach out here.
- Industrial Cybersecurity Insider on LinkedIn
- Cybersecurity & Digital Safety on LinkedIn
- BW Design Group Cybersecurity
- Dino Busalachi on LinkedIn
- Craig Duckworth on LinkedIn
Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
View all episodes
By Industrial Cybersecurity InsiderCraig sits down with Wil Klusovsky, a 26-year cybersecurity veteran and CRO at viLogics, to break down why asset visibility and exposure management are the foundation of any solid OT security strategy.
From the myth of the air-gapped shop floor to the real-world math behind quantifying cyber risk in dollars and cents, Will and Craig explore how manufacturers can move beyond fear-based selling, bridge the gap between IT and operations, and build programmatic cybersecurity that protects both production uptime and the bottom line.
They discuss how to frame cyber risk as business risk, why compensating controls and context matter more than raw vulnerability numbers, and why the CISO's real job is "chief inside selling officer."
Chapters:
- (00:00:00) - Welcoming Will to the Podcast!
- (00:02:12) - Why Asset Visibility Is the Starting Point for OT Security
- (00:03:48) - The Air Gap Myth and Legacy Systems on the Shop Floor
- (00:04:52) - Translating Cyber Risk Into Dollars and Cents
- (00:07:05) - Quantifying Downtime: Mean Time to Recovery and True Cost of Ownership
- (00:09:55) - Risk Appetite: Spend to Mitigate or Accept the Exposure?
- (00:11:32) - Who Really Owns the Risk? Executives, Not CISOs
- (00:13:00) - Uptime, OEE, and Why Cybersecurity Risk Is Business Risk
- (00:15:45) - Remote Access Risks and Competing Priorities on the Shop Floor
- (00:18:04) - The "Chief Inside Selling Officer" — Getting Buy-In Before Budget
- (00:19:48) - The Get Out of Jail Free Card: Aligning Incentives Across Teams
- (00:22:30) - Context Over CVE Counts: 600 Critical Vulns, Zero Exploitable
- (00:25:42) - Prioritizing Remediation by Business Impact, Not Severity Score
- (00:26:30) - Wrap-Up and Part 2 Preview: Business Impact Analysis
Links And Resources:
- Wil Klusovsky on LinkedIn
- Want to Sponsor an episode or be a Guest? Reach out here.
- Industrial Cybersecurity Insider on LinkedIn
- Cybersecurity & Digital Safety on LinkedIn
- BW Design Group Cybersecurity
- Dino Busalachi on LinkedIn
- Craig Duckworth on LinkedIn
Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!