PrOTect It All

Strong OT cybersecurity programs aren’t built on tools alone, they're built on strategy, communication, and smart investment.

In this episode of Protect It All, host Aaron Crow is joined by cybersecurity expert Don C. Weber for a candid, real-world discussion on what it actually takes to build and sustain effective security programs across IT and OT environments.

From CapEx vs OpEx decisions to the growing role of AI in both attack and defense, this conversation cuts through the noise and focuses on what drives real outcomes: understanding business workflows, aligning with leadership, and developing the soft skills needed to turn strategy into action.

You’ll learn:

Why budgeting (CapEx vs OpEx) directly impacts security success

The underrated power of soft skills in driving security programs

How to connect cybersecurity efforts to business value and operations

The role of pen testing and assessments in improving maturity

Where AI adds value and where it introduces new risk

How training and process understanding strengthen long-term resilience

Whether you’re building a new security program or scaling an existing one, this episode delivers practical, experience-driven insights to help you make smarter decisions and drive real impact.

Tune in to learn how to align strategy, people, and investment for stronger OT cybersecurity only on Protect It All.

Key Moments: 

05:49 Technical skills and security requirements

09:10 Understanding data workflows

12:29 Building a vulnerability management program

13:26 Understanding organizational decision history

17:44 Budgeting challenges with CAPEX and OPEX

21:36 Steps in a security assessment

24:17 Starting a cybersecurity program

28:02 Prioritizing remote access security

31:21 Discussing AI's impact on cybersecurity

32:55 Using AI in cybersecurity

38:07 AI simplifying complex knowledge

40:35 AI tools making data queries easier

45:02 Detecting and responding faster

46:05 Networking and shared experiences

About the guest: 

Don C. Weber is a visionary cybersecurity leader who helps defenders safely prove security where it matters most in industrial operations. He is a SANS Principal Instructor, Founder of Cutaway Security, co-author of SANS ICS613: ICS/OT Penetration Testing & Assessments, and he also teaches SANS ICS410: ICS/SCADA Security Essentials to SANS student around the world. He brings years of field work into creating step-by-step labs and planning methods teams can use right away.

How to connect Don: 

LinkedIn: https://www.linkedin.com/in/cutaway/ 

Cutaway Security: https://www.linkedin.com/company/cutaway-security-llc 

CutSec Github: https://github.com/cutaway-security 

CutSec GasPot HMI Lab: https://github.com/cutaway-security/gaspot-hmi-lab 

SANS ICS ICS613 ICS/OT Penetration Testing and Assessments: https://www.sans.org/cyber-security-courses/ics-ot-penetration-testing-assessments

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

L...

Cyberattacks don’t just test your systems - they test your preparedness.

In this episode of Protect It All, host Aaron Crow breaks down key lessons from the Striker attack and what it reveals about today’s evolving threat landscape across IT and OT environments. From energy and healthcare to manufacturing systems, attackers are increasingly using sophisticated techniques like “living off the land” - blending into normal operations instead of deploying obvious malware.

Aaron takes this beyond theory, focusing on what organizations must do before an attack happens.

A major theme? Tabletop exercises. Not as a compliance activity - but as a critical tool for building real incident response readiness, improving team coordination, and exposing gaps that tools alone can’t catch.

You’ll learn:

What the Striker attack teaches about modern cyber warfare

How living-off-the-land tactics bypass traditional defenses

Why tabletop exercises are essential for real-world readiness

The role of threat hunting and collaboration across teams

How attackers exploit weaknesses in both IT and OT environments

Why small, consistent actions can dramatically improve resilience

Whether you’re defending critical infrastructure, leading a cyber team, or just starting your security journey, this episode delivers practical insights you can apply immediately.

Tune in to learn how to prepare before the next attack - not react after it - only on Protect It All.

Key Moments: 

04:59 "Modern Warfare: Cyber and Beyond"

08:47 "Security Risks of Remote Wipe"

10:31 "Living Off the Land Tactics"

13:11 "Balancing Power and Security"

19:12 "Vulnerabilities Demand Swift Action"

20:21 Prioritize Risk, Justify Investment

25:04 Practice Preparedness Before Crisis

26:48 Weak Links Threaten Cybersecurity

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

Global conflicts are no longer confined to physical battlefields - they’re spilling into cyberspace.

In this urgent episode of Protect It All, host Aaron Crow breaks down the rising wave of cyber threats targeting critical infrastructure, from energy and water utilities to manufacturing and transportation systems.

Drawing on recent global events and real-world incidents, Aaron explores how nation-state actors, hacktivists, and advanced adversaries are increasingly targeting operational technology environments. These attacks often rely on “living off the land” techniques - leveraging existing tools and access inside networks rather than deploying obvious malware.

But this episode isn’t about panic. It’s about practical defense.

Aaron outlines the immediate steps OT security teams can take to strengthen resilience - even with limited resources and tight budgets.

In this episode, you’ll learn:

Why global instability increases cyber risk for critical infrastructure

How attackers exploit existing tools using living-off-the-land tactics

The importance of vigilance, monitoring, and patching in OT environments

Why access control and identity management are critical defenses

How organizations can improve security posture without massive investments

The role of collaboration and awareness in defending essential systems

Whether you operate power systems, water facilities, industrial plants, or transportation infrastructure, this episode provides real-world guidance to help you stay ahead of evolving threats.

Tune in to learn how OT teams can strengthen defenses and protect the systems society depends on - only on Protect It All.

Key Moments:

03:41 "Rising Cyber Threats Amid Tensions"

08:24 Nation-State Cyber Threats Unveiled

11:23 "Advanced Cybersecurity and Monitoring"

14:24 Prioritizing and Addressing Security Risks

17:24 Practical Steps for Cybersecurity Improvements

19:34 "Focus on Resources and Action"

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

What happens when attackers target the systems that keep the lights on?

In this episode of Protect It All, host Aaron Crow breaks down the December 2025 cyberattack on Poland’s energy infrastructure, where coordinated attackers disrupted wind farms, solar installations, and heat and power plants - impacting nearly half a million people.

This real-world incident highlights the growing risks facing distributed energy resources (DER) and modern power grids. As energy systems become more connected and decentralized, the attack surface expands - often faster than security programs can adapt.

Aaron walks through what actually went wrong: default passwords, unpatched devices, and weak network segmentation that allowed attackers to brick OT equipment and blind operators to what was happening in their own systems.

You’ll learn:

How attackers targeted renewable energy infrastructure at scale

Why edge devices and distributed assets create new vulnerabilities

The importance of eliminating default credentials and poor configurations

Why network segmentation and secure remote access are essential

What grid operators and OT teams must prioritize immediately

How lessons from Poland apply to power grids worldwide

For engineers, operators, and cybersecurity leaders responsible for critical infrastructure, this episode delivers practical insights on defending modern energy systems before attackers strike again.

Tune in to understand what Poland’s grid attack reveals about the future of OT security - only on Protect It All.

Key Moments: 

04:57 "Corrupted Firmware Disables System Control"

10:01 DER Risks and Scaling Threats

10:55 Risks of Expanding Energy Grids

16:30 OT Security Vulnerabilities and Risks

18:34 Prioritize OT Security Systems

23:06 Change Default Passwords Immediately

24:49 "Critical ICS Security Measures"

30:15 "OT Cyber-Physical Response Plan"

32:56 "Critical Security Steps for Resilience"

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

AI can accelerate cybersecurity - or accidentally expose it.

In this solo episode of Protect It All, host Aaron Crow breaks down how cybersecurity professionals can safely integrate AI into their IT and OT workflows. As tools like ChatGPT, Copilot, and enterprise AI platforms become part of daily operations, the question isn’t whether to use AI - it’s how to use it responsibly.

Aaron moves beyond buzzwords to focus on practical, everyday applications: automating reports, summarizing threat intelligence, drafting policies, enhancing documentation, and streamlining repetitive tasks. At the same time, he tackles the real concerns leaders face - data privacy, compliance, policy alignment, and shadow AI risks.

You’ll learn:

Where AI delivers immediate value in cybersecurity workflows

How to automate without exposing proprietary or regulated data

The difference between enterprise AI tools and public platforms

How to align AI usage with corporate security policies

Practical ways CISOs and analysts can boost productivity safely

Why governance and awareness matter as much as innovation

Whether you’re leading a security program or working hands-on in IT or OT environments, this episode delivers actionable strategies to use AI smarter—not riskier.

Tune in to learn how to automate with confidence and stay ahead of the curve—only on Protect It All.

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4