The Industrial Security Podcast

The Industrial Security Podcast

Your lights are on, your car runs, because industrial systems work 24/7 to keep our lives ticking. But what happens when those systems—the very pillars of modern society—are threatened?

Hosted by Nate Nelson and Andrew Ginter, The Industrial Security Podcast takes a deep-dive into the most pressing emerging issues in SCADA technologies today. But don't just take our word for it: each new episode of the show features a leading voice in the world of industrial control systems security. You'll hear from executives, engineers, researchers and more, each with their own unique take on what's wrong with how we do things today, and how to fix it.

ICS security is complicated. Here is where it all comes together.


When Numbers Are Scarce

How do we estimate the probability of an attack that has never happened? Ron Brash of Verve Industrial explains.


Malcolm – A New (Free, INL) Tool for Network Visibility

Jens Wiesner of the German BSI explores Malcolm, a new (free, open source) tool for OT network visibility, brought to us by the U.S. Idaho National Labs (INL).


Build, Break & Secure

Build, break & secure with a 1000-lb portable lab – Matthew Luallen of Cybati explores modern industrial security training.


Three Networks – IT, OT & Engineering

Industrial security pioneer Joe Weiss explains how there are 3 networks, not two – IT, OT and Engineering, with examples from the 2007 aurora test.


Layer Zero Anomaly Detection

Explore out of band security and operational anomaly detection with Ilan Gendelman and Hadas Levine of SIGA OT Solutions.


Where Do Your Bits Really Come From? – Eric Byres

Industrial security pioneer Eric Byres speaks to software supply chain trust issues and some of the technology his new venture Adolus Inc. is developing to help.

Guest: Eric Byres – CEO of Adolus


Be Brave When Assessing Risks – Mark Fabro

Mark Fabro explores how robust cyber/physical risk assessments help "stay left of boom" at industrial sites.

Guest: Mark Fabro, President and Chief Security Scientist at Lofty Perch


Starting From Zero – Lyndon Hall of Iron Spear

Lyndon is routinely called on for the first-ever security assessment at industrial sites. He explains how he does that and what he finds.


We can only secure what we know we have – Rick Kaun

Asset inventory is the foundation of industrial security, which is essential to IT/OT convergence. Rick Kaun talks about asset inventory concepts and the Verve Industrial technology for inventory.

Guest: Rick Kaun – VP Solutions at Verve Industrial Protection


Efficiency Through Security – Greg Hale

A wide-ranging conversation with Greg Hale about where we are today, how security relates to safety, how to sell security as improving efficiency and other topics.

Guest: Greg Hale – Editor and Founder of Industrial Safety and Security Source (ISSSource)


Tips for Recruiting and being Recruited into Industrial Security Positions

Meg Duba, a recruiter at Idaho National Labs talks about techniques, tips and challenges for industrial security recruitment and job hunting.

Guest: Meg Duba, Recruiter, Idaho National Laboratories


Munich Airport – Security Challenges and Information Security Hub

Mark Lindike explores industrial systems and security challenges at the Munich International Airport, as well as how the new Munich ISH training facility is helping the airport and others.


Water Services Security at the City of Calgary

Industrial security insights regarding risks, programs, budgets and technology at the City of Calgary Water Services, with Darrol Weiss.


Running with Scissors – with Patrick Miller

Patrick Miller discusses how technology advances in Industrial Control Systems are out-pacing existing industrial cybersecurity and business risk management programs and what needs to change to keep pace


Israeli Cybersecurity – Dr. Gabi Siboni

Gabi Siboni joins us to talk about standards, challenges and current initiatives in Israel – perhaps most thoroughly-cyber-protected nation on the planet.


IT vs OT – Challenges and Opportunities

The differences between IT and OT teams and approaches both make life difficult and represent opportunities to improve industrial operations.


Classifying Control Systems, Consequences and Criticality

Marty Edwards discusses the need for a standard way to classify the criticality of industrial control systems – eg: safety-critical vs. equipment-critical vs. reliability-critical systems, and what implications such classification should have for industrial security programs.


Critical Infrastructure Security In Israel – Buki Carmeli

Buki Carmeli walks us through the evolution of government programs and legislation for securing Israel's critical infrastructure.


German Initiatives and Progress in Cybersecurity

We caught Jens Weisner at S4 and he talks about cybersecurity in Germany – progress, challenges and a little comparing of the German approach to what he sees happening in North America.


ICS Penetration Testing with Jonathan Pollet

Jonathan Pollet, CEO of Red Tiger Security, walks us through how his crew does control system penetration testing, often with live, running systems as a target, with examples of findings and how customers use those findings.


Board-Level Security Governance – Paul Feldman

Paul Feldman joins us to explore cybersecurity governance topics for boards of directors in the North American electric sector. Paul is a former director of WECC and MISO, among many other roles. He talks to us about what are the responsibilities of boards of directors for cybersecurity and what kinds of cybersecurity discussions he sees taking place at the board level.


OSIsoft and the EPRI Methodology with Harry Paul

Harry Paul's product is, well, complicated. His company produces what are called “data sheets”, addressing threat assessment and vulnerability mitigation for industrial cyber systems…and that's just about the simplest, most basic part of it. Andrew's got a big task in today's show—to take on some of the very highest-concept work going on in the SCADA private sector today, and translating it for the rest of us.


IIoT Security with Sven Schrecker

Sven Shrecker is not just an expert in the internet of things—he's a well-versed, experienced public speaker. A Chief Architect at IBM, Sven is not only at the cutting-edge of IoT security, but someone who can magically make the work he does sound both engaging and understandable to just about anyone. In this pilot episode of The Industrial Security Podcast, Sven will be taking us through the emerging field of IoT in ICS, and how connecting the grid to the grid presents new problems, and new solutions, for security professionals.


Subscribe to the Podcast:



Podcast Website