Battery Energy Storage Systems are being deployed across the grid at scale. But here's what nobody's saying out loud: these systems—many sourced through China with opaque firmware and embedded control systems—are creating cyber-physical liabilities with national security implications. BESS will be targeted. The question isn't if, it's whether you can see, understand, and contain the impact.

In this episode, host Gary Mullen and Juan Villarreal expose the supply-chain blind spots that turn critical energy infrastructure into remote-access attack surfaces. We're not talking about patching vulnerabilities or updating antivirus—we're talking about hardware, firmware, and engineering realities that can't be secured with traditional IT controls. When prevention fails, and it will, visibility is survival.

From grid-level consequences to compromised battery management systems, Juan breaks down real-world attack scenarios that go beyond theory. A manipulated BESS doesn't just affect one facility—it can destabilize frequency, cascade failures, and turn your energy asset into a weapon against the grid itself. This is cyber-informed engineering at the infrastructure level.

You'll discover why mature organizations are prioritizing cross-domain visibility and engineering-first resilience over perimeter defenses. When your BESS is remotely connected, when firmware is a black box, and when control systems are embedded at the hardware level, containment becomes the real battleground. Can you limit blast radius when the compromise is physical?

This isn't a distant risk. Attackers are already targeting energy infrastructure, and BESS systems represent a perfect convergence of cyber access and physical impact. Ready to understand what's really at stake?

Be sure to subscribe wherever you get your podcasts so you don’t miss future episodes, where we’ll continue to unpack the biggest cybersecurity challenges facing modern organizations—and how to solve them.