@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)
Episode: AI Agents & Cybersecurity: Identity, Compliance, and the New Risks Facing IT and OT
Pub date: 2026-05-11

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

AI agents are changing cybersecurity faster than most organizations can adapt.

In this episode of Protect It All, host Aaron Crow welcomes back cybersecurity veteran Ken Foster for a deep dive into how AI is reshaping risk, identity, and resilience across IT and OT environments.

With more than 30 years of experience spanning the Navy, manufacturing, fintech, government programs, and startups, Ken brings a grounded, real-world perspective on what organizations are getting right and dangerously wrong about AI adoption.

Together, Aaron and Ken explore the growing challenges around AI agents, identity governance, shadow AI, compliance, and attribution in highly regulated industries. As AI tools become embedded into workflows and decision-making, organizations must rethink how they manage access, monitor activity, and maintain resilience against rapidly evolving threats.

You’ll learn:

Why AI agents introduce new identity and governance risks

The dangers of shadow AI inside enterprise environments

How AI impacts compliance, attribution, and accountability

Why foundational practices like patching, segmentation, and documentation still matter

The role of continuous monitoring in AI-driven environments

How organizations can balance innovation with resilience and control

Whether you’re leading cybersecurity strategy, managing critical infrastructure, or navigating AI adoption inside regulated environments, this episode delivers practical insights for securing the next generation of digital operations.

Tune in to learn how AI is transforming cybersecurity - and what leaders must do to stay ahead - only on Protect It All.

Key Moments: 

07:47 AI guardrails discussion

12:02 Patching and network segmentation

20:44 AI changing job roles

24:24 FISMA and FedRAMP concerns

29:18 Emergency response planning

35:36 Choosing the right tech team

37:14 Discussing accountability and risk

46:31 Developer access problems

51:50 AI Dependence Risks

57:36 AI in pen testing

58:55 AI in risk prevention

About the guest :

Ken Foster is a veteran cybersecurity leader with 25+ years of experience in enterprise security, risk governance, and global infrastructure strategy. Currently Head of Global Architecture at Adient, Ken has previously led cybersecurity and compliance programs at Fleetcor and Fiserv, specializing in IAM, cloud security, regulatory compliance, and risk-based cybersecurity strategy. He is known for helping organizations balance innovation, resilience, and operational execution in highly regulated environments.

How to connect Ken: http://linkedin.com/in/kennethfoster/

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad Industrial
Episode: 2/4 Análisis de la Resiliencia Colectiva en el Sector Ferroviario
Pub date: 2026-05-11

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

En este episodio se analiza los riesgos sistémicos derivados de la disparidad en la madurez de ciberseguridad entre operadores, fabricantes y proveedores. Se examina el impacto de las brechas regulatorias en la cadena de suministro y se evalúan las prácticas europeas de cooperación, intercambio de inteligencia y armonización normativa como pilares para alcanzar una resiliencia […]

The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)
Episode: Deral Heiland on Weaponizing Cellular-Based IoT
Pub date: 2026-05-10

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Rapid7 Principal Security Research (IoT) lead Deral Heiland joins the Nexus Podcast to discuss work his team did on how attackers might weaponize cellular-based IoT. 
Rapid7 conducted three phases of this research, with the most recent digging into how attackers with access to these systems can abuse them to gain unauthorized access, potentially exfiltrate critical data, or pivot into backend network infrastructure. 
Subscribe and listen to the Nexus Podcast here. 
Read the Rapid7 research report.

The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity Insider
Episode: Federal Agencies Can Enter Private Networks to Hunt Malware. Is Your Plant Prepared?
Pub date: 2026-05-06

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Dino and Jim break down a major shift in the cyber threat landscape: federal agencies obtaining legal authority to enter private networks to hunt down state-sponsored malware, and what that signals for industrial organizations.
They discuss why critical infrastructure and supply chains are prime targets, how “soft targets” in OT and building automation get exploited, and why many companies still lack visibility into what’s happening on the plant floor.
The conversation zooms in on real-world exposure points, especially unmanaged vendor remote access and end-of-life equipment, and closes with practical themes for leadership.
Stop assuming “IT has it covered”
Define measurable OT security outcomes
Start taking steps that make disruption harder and detection faster.

Chapters:
(00:00:00) Why identity, trust, and vendor access are breaking down in modern plants
(00:01:00) The episode’s trigger: government-led operations to remove malware from private networks
(00:03:00) “Machete scanning” and why IT-style tactics can disrupt OT operations
(00:05:00) The real target set: critical infrastructure, supply chains, and smaller utilities with limited resources
(00:08:00) Collateral damage and how cyber “weapons” trickle down to criminal ransomware
(00:13:00) Why OT is still a soft target: visibility gaps, unpatched systems, and weak segmentation
(00:14:00) Remote access everywhere: OEM/SI pathways, unknown identities, and lack of governance
(00:20:00) The logging gap: what IT sees vs. what OT can’t see (and why that matters for incident response)
(00:24:00) Building automation and facilities systems as weak links attackers love
(00:26:00) Executive accountability: what boards should be measuring after breaches (and why progress stalls)

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: SecurityWeek Podcast Series - Cybersecurity Insights
Episode: Decoding the IEC 62443-4-1 Standard for OT
Pub date: 2026-05-06

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

In this episode of the SecurityWeek Podcast, we speak with Rod Locke of Fortinet about the growing importance of IEC 62443 standards in operational technology (OT) security. The conversation explores secure-by-design principles, IEC 62443-4-1 certification, long-term security support for industrial systems, and how critical infrastructure operators can evaluate vendor security practices as IT and OT environments continue to converge. 
Follow SecurityWeek on LinkedIn

The podcast and artwork embedded on this page are from SecurityWeek, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.