In this episode of the Industrial Cybersecurity Insider, host Dino sits down with Dan Cartmill, Sr. Global Product Marketing Director for TXOne Networks, to discuss the often misunderstood world of OT vulnerability management.

Dan brings a unique perspective, having started as a practitioner 17 years ago, before transitioning to the vendor side. The conversation explores why simply creating a list of vulnerabilities isn't enough – and what organizations should actually be doing to reduce risk in their OT environments.

Chapters:

• 00:00:00 - Introduction and Dan's Background
• 00:02:00 - Biggest Misconceptions About OT Vulnerability Management
• 00:04:00 - Blind Spots in OT Vulnerability Scanning
• 00:07:00 - Finding Vulnerabilities: OT vs IT Differences
• 00:10:00 - Proactive Approaches to Unknown Vulnerabilities
• 00:12:00 - How TX One Addresses Vulnerabilities Non-Disruptively
• 00:15:00 - Virtual Patching and Operations-First Philosophy
• 00:18:00 - IT/OT Convergence and Team Collaboration
• 00:21:00 - Building Relationships with Third-Party Partners
• 00:23:00 - Tabletop Exercises and Incident Response Planning
• 00:26:00 - Key Takeaway: Never Forget Your Original Objectives
• 00:28:00 - Dealing with Event Overload and Zero-Day Vulnerabilities

Links And Resources:

• Dan Cartmill on LinkedIn
• TXOne Networks
• Dino Busalachi on LinkedIn
• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!