The Industrial Security Podcast
PI Media
Your lights are on, your car runs, because industrial systems work 24/7 to keep our lives ticking. But what happens when those systems—the very pillars of modern society—are threatened?Hosted by Nate Nelson and Andrew Ginter, The Industrial Security Podcast takes a deep-dive into the most pressing emerging issues in SCADA technologies today. But don't just take our word for it: each new episode of the show features a leading voice in the world of industrial control systems security. You'll hear from executives, engineers, researchers and more, each with their own unique take on what's wrong with how we do things today, and how to fix it.ICS security is complicated. Here is where it all comes together.
Episodes
Mentioned books
Dec 13, 2025 • 44min
Rapid Recovery - When Security Fails [The Industrial Security Podcast]
We've been hacked. Everything is down. Or more mundane - there was a power surge and 5% of our cyber gear is fried. How do we get back into operation fastest? Stephen Nichols of Acronis joins us to look at rapid recovery of OT systems - from the mundane to the arcane.
Nov 21, 2025 • 55min
We can't - and shouldn't - fix everything [The Industrial Security Podcast]
We know there are problems in our security systems, but we can't and shouldn't fix everything. What do we fix? Who decides? How do we explain what's reasonable to people who do decide? Kayne McGladrey, CISOIn Residence at Hyperproof, joins us to explore risk, communication, and a surprising role for insurance.
Oct 28, 2025 • 1h 4min
Medical Device Cybersecurity Is Tricky [The Industrial Security Podcast]
Yes the device has to be safe to use on patients, and yes it has to produce its results reliably, but patient / data confidentiality is also really important. Naomi Schwartz of Medcrypt joins us to explore the multi-faceted world of medical device cybersecurity - from MRI's to blood sugar testers.
Oct 6, 2025 • 43min
Hardware Hacking - Essential OT Attack Knowledge [the industrial security podcast]
If you can touch it, you can hack it, usually. And having hacked it, you can often more easily find exploitable vulnerabilities. Marcel Rick-Cen of Foxgrid walks us through the basics of hacking industrial hardware and software systems.
Sep 8, 2025 • 46min
Managing Risk with Digital Twins - What Do We Do Next? [the industrial security podcast]
Asset inventory, networks and router / firewall configurations, device criticality - a lot of information. How can we USE this information to make useful decisions about next steps to address cyber risk? Vivek Ponada of Frenos joins us to explore a new kind of OT / industrial digital twin - grab all that data and work it to draw useful conclusions.
4 snips
Aug 11, 2025 • 50min
I don't sign s**t [The Industrial Security Podcast]
Tim McCreight, CEO and founder of Tailcraft Security, brings over 40 years of security experience to the conversation. He argues against accepting unchecked risks in organizations, emphasizing the need for strategic risk management. With insights from his upcoming book, Tim discusses the power of storytelling to influence executive decisions, particularly in cybersecurity. He shares valuable lessons from experiences like the Vancouver Olympics, advocating for collaboration between security professionals and leadership to effectively navigate risks and improve communication.
15 snips
Jul 28, 2025 • 54min
NIS2 and the Cyber Resilience Act (CRA) [The Industrial Security Podcast]
Christina Kiefer, an attorney at Reusch Law, dives into the crucial implications of the NIS2 legislation and Cyber Resilience Act (CRA) for EU businesses. She discusses the inconsistent implementation of NIS2 across Europe and the compliance challenges companies face. The conversation highlights the CRA's impact on digital product manufacturers and the heightened obligations arising from increased cyber attacks. Kiefer offers insights on navigating these complex regulations, emphasizing the urgency for companies to adapt their cybersecurity strategies.
Jul 11, 2025 • 1h 4min
Network Duct Tape [The Industrial Security Podcast]
Hundreds of subsystems with the same IP addresses? Thousands of legacy devices with no modern encryption or other security? Constant, acquisitions of facilities "all over the place" network-wise and security-wise? What most of us need is "network duct tape". Tom Sego of Blastwave shows us how their "duct tape" works.
Jun 17, 2025 • 53min
Credibility, not Likelihood [The Industrial Security Podcast]
Kenneth Titlestad, Chief Commercial Officer at Omni and chair of the Norwegian International Electrotechnical Committee subgroup, dives into the intersection of safety and cybersecurity. He discusses the evolution of cyber threats, particularly after incidents like Stuxnet, and the importance of credible threat assessment. Titlestad emphasizes minimizing false positives in detection while advocating for proactive measures. He also explores the role of AI in security and the need for a shift in focus from likelihood to credibility in managing risks, especially for critical infrastructure.
May 20, 2025 • 51min
Lessons Learned From Incident Response [The Industrial Security Podcast]
How did they get in? How did we find them when they got in? What can we do in future to clean up the mess faster? Chris Sistrunk reflects on a decades' industrial cyber incident response experience at Mandiant (Google).
