In this episode of Data Security Decoded, Cybersecurity veteran Dawn Cappelli joins host Caleb Tolin to unpack the rapidly evolving threat landscape facing operational technology environments. With decades of experience spanning CERT, Rockwell Automation, and now Dragos, Dawn breaks down how geopolitical conflicts, empowered hacktivists, and ransomware are reshaping OT risk. She shares the five critical ICS controls every organization should prioritize and discusses why community-driven defense models are now essential for resilience. A must-listen for leaders responsible for critical infrastructure, manufacturing, and industrial cybersecurity.

What you'll learn:

Episode Highlights:

00:00 – Opening + Guest Introduction Caleb introduces Dawn and frames her decades of OT and insider threat leadership.

02:00 – Dawn’s Early Journey into OT and Security How nuclear engineering, the CDC bioterrorism portal, and 9/11 sparked her cybersecurity mission.

05:00 – Founding the CERT Insider Threat Center Inside the origin story and its impact on insider risk theory.

07:00 – Moving to Rockwell: The Hidden OT Backdoor Risk Why insider sabotage in OT environments was a turning point in her career.

08:00 – The Geopolitical Shift in OT Threats How Russia–Ukraine changed everything about attacking critical infrastructure.

10:00 – The Rise of State-Aligned Hacktivists Why groups like Cyber Avengers now have real disruption capability.

13:00 – The SANS Five ICS Controls Dawn breaks down the controls that prevent and detect most attacks.

17:00 – Ransomware Trends in OT Why manufacturing is a prime target and how attacks are evolving.

19:00 – The Promise and Peril of Agentic AI in OT Why autonomous agents could cause catastrophic outcomes.

21:00 – OT-CERT: Free Global Resources How Dragos is empowering organizations worldwide with practical support.

Episode Resources: