@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)
Episode: Pen Testing Reality Check: Why Cybersecurity Fundamentals Still Matter More Than AI
Pub date: 2026-02-09

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Shiny tools don’t break attackers in basic mistakes.

In Episode 92 of Protect It All, host Aaron Crow sits down with Corey LeBleu, founder of Relix Security and seasoned penetration tester, for a candid look at what actually causes organizations to get compromised and why fundamentals still matter more than the latest security trends.

Drawing from years of red-team and penetration-testing experience, Corey shares real stories from the field: forgotten printers, unmanaged IoT devices, legacy systems no one owns anymore, and misconfigurations hiding in plain sight. Together, Aaron and Corey unpack why asset visibility, patching, and change management continue to be the weakest links - even as AI and automation enter the security conversation.

You’ll learn:

Why old printers, IoT devices, and “temporary” systems are prime attack paths

What most organizations misunderstand about pen testing and red teaming

How poor asset inventory and change management undermine security programs

The real risks behind shadow IT and unmanaged tools

Where AI helps in pen testing and where experience still wins

Why mastering the basics beats chasing new security gadgets every time

Whether you’re a security professional, IT leader, or someone looking to break into cybersecurity, this episode delivers practical, no-nonsense lessons from the front lines - focused on what actually reduces risk.

Tune in to hear why cybersecurity success still starts with the fundamentals - only on Protect It All.

Key Moments: 

03:57 Critical Infrastructure: Finding Vulnerabilities

06:44 "Cyber Risks from Hidden Devices"

11:25 Cybersecurity: Focus on Basics

16:09 Complex Systems Demand Continuous Testing

18:17 Understanding Complex System Security

22:54 "Testing: External vs. Internal"

24:12 Enterprise Challenges with AI Integration

27:40 AI Lowers Barriers for Hacking

About the guest : 

Corey LeBleu has built a career around application security testing, becoming deeply involved in integrating vulnerability assessments throughout the software testing lifecycle. Noticing shifts in industry practices, Corey observed major international financial institutions moving to routinely pentest every application- even legacy IBM systems - leading the way in robust cybersecurity practices. In contrast, Corey also highlights the challenges faced by manufacturing, where operational technology often suffers from outdated, vulnerable systems. Corey’s experience showcases the evolving landscape of application security, emphasizing the need for continuous testing and vigilance across diverse industries.

How to connect Corey :
https://www.linkedin.com/in/coreylebleu/

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad Industrial
Episode: 1/4 Contexto de Orquestando la seguridad OT
Pub date: 2026-02-09

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

En este episodio se aborda el paso de la detección a la orquestación como principal reto de la seguridad OT. Se analiza cómo se puede perder el control del riesgo pese a tener muchas herramientas de seguridad. Destaca que en entornos IT/OT/IoT la complejidad organizativa suele ser la más subestimada.

The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks Podcast
Episode: Idan Flek CCO & IT @Orot Energy - Managing cyber risk on critical infrastructure from the CxO view
Pub date: 2026-02-04

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

ניהול סייבר הוא הרבה דברים שהם מעבר להגנה, היכולת לעבוד מול כלל הגורמים בחברה ממשתמשי הקצה בנושא מודעות סייבר, דרך יצירת מרחב עבודה ושיתוף פעולה של גורמי מקצוע האחרים כגון: ניהול סיכונים, המחלקה המשפטית, מערכות המידע והרשימה עוד ארוכה. כול זה עוד לפני הצורך לתת מענה להיבטים העסקיים ועבודה שוטפת מול הנהלה ודירקטוריון.

הפעם בקשתי לפתוח את נושא ההנהלה בצורה רחבה יותר, מה קורה שאתה מקבל/לוקח עליך כסמנכ"ל את האחריות הניהולית למערכות המידע של החברה וכפל כפלים בחברה שהיא תשתיות קריטיות תחת רגולציות קשיחות.

נחשון פינקו מארח את עידן פלק סמנכ"ל הסחר ומערכות המידע של קבוצת אורות אנרגיה בשיחה על ראיית המנהל לאחר שנתיים וחצי מאז שלקח על עצמו את האחריות למערכות המידע ללא שום ידע בתחום. ההתמודדות עם מלחמה שהאתרי הייצור של החברה הם מטרה ברורה לתקיפה פיזית וקיברנטית.

ניהול סיכונים

בנית צוות

העבודה במסגרת ההנהלה הבכירה והדירקטוריון

גיבוש תקציב תחת "שמיכה קצרה" וסדר עדיפויות

ועוד

Cyber management is about much more than just protection. It’s the ability to work with every entity in the company, from end-users on cyber awareness to creating a collaborative workspace with other professionals, such as risk management, legal, IT, and more. All of this is even before addressing business aspects and ongoing work with senior management and the Board of Directors

This time, I wanted to explore the management aspect more broadly: what happens when you, as a VP, take on the administrative responsibility for the company's information systems, especially in a critical infrastructure company under strict regulation

Nachshon Pincu hosts Idan Flek, VP Chief Commercial Officer and Information Systems at the Orot Energy Group, for a conversation from a manager's perspective, two and a half years after taking on IT responsibilities with no prior knowledge of the field. Dealing with a war where the company's production sites are clear targets for physical and cyber attacks

Risk management

Building a team

Prioritizing cyber within senior management and the Board

formulating a budget under a 'short blanket' and shifting priorities

and more

The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: (CS)²AI Podcast Show: Control System Cyber Security
Episode: 131: OT Monitoring & SOC and Incident Response — Lessons from the Field with Cambios Academy
Pub date: 2026-02-04

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

In this episode of the (CS)²AI Podcast, host Derek Harp is joined by Jonathan Pollet, Marc Visser, and Bryan Singer for a deep-dive Q&A discussion following CS2AI’s January 21st community event on OT Monitoring, SOC operations, and Incident Response. Drawing on decades of hands-on experience across industrial environments worldwide, the panel expands on questions that couldn’t be fully addressed during the live sessions.
The conversation explores why OT monitoring and SOC capabilities must come before incident response, and how poor network architecture, lack of visibility, and organizational silos continue to undermine response efforts when incidents occur. Jonathan outlines the architectural foundations required to support effective detection, response, and recovery, while Marc emphasizes the practical realities of implementing OT monitoring—from working with factory engineers to reducing alert fatigue and building usable SOC workflows.
Bryan brings the incident responder’s perspective, sharing real-world insights from global OT incidents, including prolonged dwell times, ransomware impacts on production, and why organizations without proper segmentation and monitoring often experience the most severe and prolonged outages. The discussion also tackles common questions around Fusion SOCs vs. dedicated OT SOCs, the human challenges of translating OT data into actionable intelligence, and what asset owners should realistically expect from incident response retainers.
This episode is a must-listen for OT practitioners, security leaders, and asset owners looking to move beyond theory and understand what actually works in the field. Whether you are just beginning your OT monitoring journey or refining mature SOC and IR capabilities, this discussion offers practical guidance rooted in real operational experience.

The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made Simple
Episode: What’s going on with manufacturing OT security? | OT Security Made Simple
Pub date: 2026-02-03

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

OT security researcher Ben Book takes an unapologetic view on the state of OT security in manufacturing. He doesn’t blame anybody but provides a clear analysis of business dynamics and offers what many lack when talking OT security solutions: the right questions. 

You can find more information on OT Security Made Simple at rhebo.com or send us your ideas, questions, or guest suggestions at [email protected].

The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.