@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)
Episode: Poland’s Power Grid Cyberattack What It Teaches Us About OT Security and Renewable Energy Risks
Pub date: 2026-03-09

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

What happens when attackers target the systems that keep the lights on?

In this episode of Protect It All, host Aaron Crow breaks down the December 2025 cyberattack on Poland’s energy infrastructure, where coordinated attackers disrupted wind farms, solar installations, and heat and power plants - impacting nearly half a million people.

This real-world incident highlights the growing risks facing distributed energy resources (DER) and modern power grids. As energy systems become more connected and decentralized, the attack surface expands - often faster than security programs can adapt.

Aaron walks through what actually went wrong: default passwords, unpatched devices, and weak network segmentation that allowed attackers to brick OT equipment and blind operators to what was happening in their own systems.

You’ll learn:

How attackers targeted renewable energy infrastructure at scale

Why edge devices and distributed assets create new vulnerabilities

The importance of eliminating default credentials and poor configurations

Why network segmentation and secure remote access are essential

What grid operators and OT teams must prioritize immediately

How lessons from Poland apply to power grids worldwide

For engineers, operators, and cybersecurity leaders responsible for critical infrastructure, this episode delivers practical insights on defending modern energy systems before attackers strike again.

Tune in to understand what Poland’s grid attack reveals about the future of OT security - only on Protect It All.

Key Moments: 

04:57 "Corrupted Firmware Disables System Control"

10:01 DER Risks and Scaling Threats

10:55 Risks of Expanding Energy Grids

16:30 OT Security Vulnerabilities and Risks

18:34 Prioritize OT Security Systems

23:06 Change Default Passwords Immediately

24:49 "Critical ICS Security Measures"

30:15 "OT Cyber-Physical Response Plan"

32:56 "Critical Security Steps for Resilience"

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad Industrial
Episode: 1/4 Contexto de Auditoría de seguridad en OT
Pub date: 2026-03-09

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

En este episodio se aborda la transición necesaria de la auditoría documental clásica a la evaluación del comportamiento real de los sistemas industriales. Analiza los errores críticos al intentar aplicar metodologías IT en plantas de producción y cómo cambiar la perspectiva cuando el activo a proteger no es un servidor, sino el proceso físico que […]

The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)
Episode: Dan Ricci on Four Years of the ICS Advisory Project
Pub date: 2026-03-08

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Industrial cybersecurity expert Dan Ricci, the founder and maintainer of the ICS Advisory Project, joins the Nexus Podcast to discuss the evolution of the industry's premier ICS and OT security advisory repository as it turns 4 years old. 
Dan talks about the impact of the project on OT security teams, the dashboards he's created to better parse the volume of data on the site, and unique use cases that asset owners and operators have for this critical information. 
Subscribe and listen to the Nexus Podcast here. 

The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)
Episode: EP 82: Kerberos in OT: RC4 Downgrade Attacks
Pub date: 2026-03-04

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Kerberos, a decades-old authentication protocol, creates hidden risks in OT environments. Dor Segal, security researcher team lead at Silverfort, discusses delegation abuse, cipher downgrade attacks, and person-in-the-middle threats—highlighting why legacy encryption, patching challenges, and operational constraints make identity security critical in industrial networks.

The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity Insider
Episode: The Blind Spots Putting Manufacturers at Risk: WEF 2026 Global Cybersecurity Outlook
Pub date: 2026-03-03

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

LuRae Lumpkin, Producer of Industrial Cybersecurity Insider, sits down with industrial cybersecurity expert Dino Busalachi to break down the 2026 World Economic Forum Global Cybersecurity Outlook Report and what it really means for manufacturers.
While the report surveyed nearly a thousand CEOs, CIOs, and CISOs, Dino reveals a critical blind spot: industrial control systems and OT environments are being left dangerously exposed.
They discuss how AI is becoming a double-edged sword for attackers and defenders, why supply chain vulnerabilities remain unaddressed, the shocking lack of cybersecurity skills on plant floors, and why most companies still aren't conducting incident response exercises.
Dino shares real-world insights from working in nearly 2,000 plants over four decades, explaining why IT and OT remain disconnected, how remote access creates massive security gaps, and why outdated equipment with decades-old vulnerabilities sits unpatched in critical manufacturing environments.
The conversation reveals that while enterprises focus on IT security, the plant floor—where revenue is actually generated—remains critically vulnerable, with potentially catastrophic consequences for businesses, supply chains, and even national GDP.
Chapters:
(00:00:00) - Introduction and Overview of WEF 2026 Cybersecurity Report
(00:01:00) - Where Cybersecurity Funding Actually Goes: IT vs OT Reality
(00:03:00) - The Myth of Disconnected Legacy Equipment (00:05:00) - AI as a Double-Edged Sword in Industrial Environments
(00:08:00) - The Vulnerability Crisis: Thousands of Unpatched Systems
(00:09:00) - Third-Party and Supply Chain Security Gaps
(00:12:00) - Remote Access: The Hidden Attack Vector
(00:14:00) - Critical Supplier Dependencies and Decentralized OT
(00:15:00) - The Skills Gap: Why Industrial Cybersecurity Expertise is Scarce
(00:19:00) - The Shocking Truth About Incident Response Exercises
(00:22:00) - Real-World Impact: When Manufacturers Get Hit
(00:24:00) - Getting All Stakeholders in the Same Room
(00:28:00) - Insurance vs Prevention: The True Cost of Cyber Incidents
(00:29:00) - Final Thoughts: Who Should Own OT Cybersecurity?
Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.