Sign up to save your podcasts
Or
Share When the Hacker Changes a One to a Zero
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
When the Hacker Changes a One to a Zero
The real cyber threat isn't someone stealing your data. It's someone quietly changing a one to a zero on your shop floor, and you not noticing until something breaks.
Cybersecurity used to be the topic everyone talked about. Then it went quiet. Now, with AI accelerating attack capability and quantum computing on the horizon, it's more urgent than ever, and most automotive manufacturers are not ready.
In this episode, Jan Griffiths and co-host Tom Roberts sit down with Klint Walker, co-founder of Rule of Three Security and a 20-year veteran of federal cyber leadership. Klint has spent his career protecting critical infrastructure across the southeast, and he knows exactly where the holes are in manufacturing operations.
This conversation goes beyond the headlines. The flashy denial-of-service stories get the press, but the real risk is the integrity attack, the quiet manipulation that changes a value, degrades a part, or corrupts a backup. In a world where OT, IT, and IoT have all converged, the attack surface is bigger than most C-suites realize.
Themes Discussed in This Episode
- Why integrity attacks, not data breaches, are the threat manufacturers should fear most
- How OT systems built for standalone operation became cyber liabilities the moment they got connected
- Why "convenience is the opposite of security" and what that means for your shop floor
- Confidentiality, availability, and integrity: the three pillars and why you can't optimize for all three at once
- AI as a force multiplier for both defenders and attackers, and why only AI can defend against AI
- The quantum computing arms race and why your encryption catalog matters now
- Why 70% of cybersecurity is policy, process, and people, not technology
- The disconnect between the C-suite and the front line on what actually needs protecting
- Why containerizing AI matters: the cautionary tale of an AI that exposed CEO downsizing memos
- Tabletop exercises: making the hard decisions before you are in crisis
This podcast is powered by QAD RedZone.
Featured Guest
Name: Klint Walker
Title: Co-Founder, Rule of Three Security
About: Klint has 20 years of experience spanning federal, DOD, and private industry cybersecurity leadership. He has protected critical infrastructure across the southeast United States and holds a master's degree from the Naval Postgraduate School in Homeland Security and Defense. At Rule of Three Security, he helps organizations build cybersecurity programs grounded in the three pillars of the field: confidentiality, availability, and integrity.
Connect: LinkedIn
About Your Hosts
Jan Griffiths
Jan is the host and producer of the Auto Supply Chain Champions Podcast and The Automotive Leaders Podcast. A former automotive manufacturing and supply chain executive, Jan is recognized as a Champion for Culture Change in the automotive industry. She brings direct, grounded conversations to leaders navigating execution, disruption, and transformation across the global automotive ecosystem.
Tom Roberts (Co-host)
Tom is Co-host of the Auto Supply Chain Champions Podcast and Vice President of Strategic Industry Development at QAD. He works closely with automotive and industrial manufacturers to close the gap between insight and execution, helping leaders move from visibility to systems of action that drive real operational outcomes.
Episode Highlights
[00:03:21] What is cybersecurity, really? Klint opens with the question every C-suite should be able to answer but rarely can. It comes down to three pillars: confidentiality, availability, and integrity, and what those mean is different for every organization.
[00:07:30] The integrity attack nobody is talking about. Threat actors changing a one to a zero. Manipulating a girder spec. Degrading a part. The attacks that don't make the news but can quietly compromise everything you ship.
[00:10:00] The bank ransomware integrity story. Klint walks through how attackers can poison backups so that when you restore, you restore their fraudulent accounts as trusted data. Now apply that to a manufacturing BOM, a quality record, or a contract.
[00:12:43] AI as the new attacker advantage. Reconnaissance that used to take weeks now takes 15 minutes. Threat actors are using AI to map employees, build social engineering campaigns, and stay undetected once inside.
[00:16:50] The quantum arms race. Most organizations cannot tell you where they are using encryption, let alone whether it is quantum-ready. That cataloging exercise has to start now.
[00:19:45] The five things a manufacturing C-suite should do. It starts with one question: have you defined cybersecurity for your organization? Most boards have never been briefed on the state of their own program.
[00:21:30] The bank teller test. From the teller to the C-suite, every level of a bank gives a different answer to "what is the most important thing this business does?" If your front line is protecting the wrong thing, your cybersecurity program is broken before it starts.
[00:24:22] The AI containment story. A single prompt pulled a draft executive downsizing memo from the CEO's inbox. Most organizations have not told their AI what it can and cannot touch.
[00:28:14] The Rule of Three. The name of Klint's company comes from the three pillars. The job is making sure all three have visibility in your organization, and knowing which one matters most when something has to give.
Top Quotes
[00:06:58] Klint Walker: “Convenience is the opposite of security, and if you build something into convenience, you've bypassed security for it.”
[00:08:12] Klint Walker: “The real threats out there might actually be what we call the integrity attacks. These get no love in the media, but these are where the threat actors are going in and they're manipulating data.”
[00:23:43] Klint Walker: “If cybersecurity is not a culture of your organization, then it's just an add-on.”
Don't Miss the Follow-Up
Klint is coming back later this year to go deeper on tabletop exercises and the practical work of building a cybersecurity culture in a manufacturing environment. Subscribe so you do not miss it.
Follow the Auto Supply Chain Champions Podcast for real conversations with leaders who are making hard choices, focusing their bets, and leading with intent.
🎧 Follow the podcast:
🔗 Learn more about QAD Redzone: https://www.qad.com/
View all episodes
By QAD | Redzone
5
99 ratings
The real cyber threat isn't someone stealing your data. It's someone quietly changing a one to a zero on your shop floor, and you not noticing until something breaks.
Cybersecurity used to be the topic everyone talked about. Then it went quiet. Now, with AI accelerating attack capability and quantum computing on the horizon, it's more urgent than ever, and most automotive manufacturers are not ready.
In this episode, Jan Griffiths and co-host Tom Roberts sit down with Klint Walker, co-founder of Rule of Three Security and a 20-year veteran of federal cyber leadership. Klint has spent his career protecting critical infrastructure across the southeast, and he knows exactly where the holes are in manufacturing operations.
This conversation goes beyond the headlines. The flashy denial-of-service stories get the press, but the real risk is the integrity attack, the quiet manipulation that changes a value, degrades a part, or corrupts a backup. In a world where OT, IT, and IoT have all converged, the attack surface is bigger than most C-suites realize.
Themes Discussed in This Episode
- Why integrity attacks, not data breaches, are the threat manufacturers should fear most
- How OT systems built for standalone operation became cyber liabilities the moment they got connected
- Why "convenience is the opposite of security" and what that means for your shop floor
- Confidentiality, availability, and integrity: the three pillars and why you can't optimize for all three at once
- AI as a force multiplier for both defenders and attackers, and why only AI can defend against AI
- The quantum computing arms race and why your encryption catalog matters now
- Why 70% of cybersecurity is policy, process, and people, not technology
- The disconnect between the C-suite and the front line on what actually needs protecting
- Why containerizing AI matters: the cautionary tale of an AI that exposed CEO downsizing memos
- Tabletop exercises: making the hard decisions before you are in crisis
This podcast is powered by QAD RedZone.
Featured Guest
Name: Klint Walker
Title: Co-Founder, Rule of Three Security
About: Klint has 20 years of experience spanning federal, DOD, and private industry cybersecurity leadership. He has protected critical infrastructure across the southeast United States and holds a master's degree from the Naval Postgraduate School in Homeland Security and Defense. At Rule of Three Security, he helps organizations build cybersecurity programs grounded in the three pillars of the field: confidentiality, availability, and integrity.
Connect: LinkedIn
About Your Hosts
Jan Griffiths
Jan is the host and producer of the Auto Supply Chain Champions Podcast and The Automotive Leaders Podcast. A former automotive manufacturing and supply chain executive, Jan is recognized as a Champion for Culture Change in the automotive industry. She brings direct, grounded conversations to leaders navigating execution, disruption, and transformation across the global automotive ecosystem.
Tom Roberts (Co-host)
Tom is Co-host of the Auto Supply Chain Champions Podcast and Vice President of Strategic Industry Development at QAD. He works closely with automotive and industrial manufacturers to close the gap between insight and execution, helping leaders move from visibility to systems of action that drive real operational outcomes.
Episode Highlights
[00:03:21] What is cybersecurity, really? Klint opens with the question every C-suite should be able to answer but rarely can. It comes down to three pillars: confidentiality, availability, and integrity, and what those mean is different for every organization.
[00:07:30] The integrity attack nobody is talking about. Threat actors changing a one to a zero. Manipulating a girder spec. Degrading a part. The attacks that don't make the news but can quietly compromise everything you ship.
[00:10:00] The bank ransomware integrity story. Klint walks through how attackers can poison backups so that when you restore, you restore their fraudulent accounts as trusted data. Now apply that to a manufacturing BOM, a quality record, or a contract.
[00:12:43] AI as the new attacker advantage. Reconnaissance that used to take weeks now takes 15 minutes. Threat actors are using AI to map employees, build social engineering campaigns, and stay undetected once inside.
[00:16:50] The quantum arms race. Most organizations cannot tell you where they are using encryption, let alone whether it is quantum-ready. That cataloging exercise has to start now.
[00:19:45] The five things a manufacturing C-suite should do. It starts with one question: have you defined cybersecurity for your organization? Most boards have never been briefed on the state of their own program.
[00:21:30] The bank teller test. From the teller to the C-suite, every level of a bank gives a different answer to "what is the most important thing this business does?" If your front line is protecting the wrong thing, your cybersecurity program is broken before it starts.
[00:24:22] The AI containment story. A single prompt pulled a draft executive downsizing memo from the CEO's inbox. Most organizations have not told their AI what it can and cannot touch.
[00:28:14] The Rule of Three. The name of Klint's company comes from the three pillars. The job is making sure all three have visibility in your organization, and knowing which one matters most when something has to give.
Top Quotes
[00:06:58] Klint Walker: “Convenience is the opposite of security, and if you build something into convenience, you've bypassed security for it.”
[00:08:12] Klint Walker: “The real threats out there might actually be what we call the integrity attacks. These get no love in the media, but these are where the threat actors are going in and they're manipulating data.”
[00:23:43] Klint Walker: “If cybersecurity is not a culture of your organization, then it's just an add-on.”
Don't Miss the Follow-Up
Klint is coming back later this year to go deeper on tabletop exercises and the practical work of building a cybersecurity culture in a manufacturing environment. Subscribe so you do not miss it.
Follow the Auto Supply Chain Champions Podcast for real conversations with leaders who are making hard choices, focusing their bets, and leading with intent.
🎧 Follow the podcast:
🔗 Learn more about QAD Redzone: https://www.qad.com/