Episodes

  • Inside OT Penetration Testing: Red Teaming, Risks, and Real-World Lessons for Critical Infrastructure with Justin Searle
    2025/06/16

    In this episode, host Aaron Crow sits down with OT security expert Justin Searle, Director of ICS Security at InGuardians, for a deep dive into the ever-evolving world of OT and IT cybersecurity.

    With over 25 years of experience, ranging from hands-on engineering and water treatment facilities to red-team penetration testing on critical infrastructures such as airports and power plants, Justin brings a wealth of insight and real-world anecdotes.

    This episode unpacks what it really takes to assess and secure operational technology environments. Whether you’re a C-suite executive, a seasoned cyber pro, or brand new to OT security, you’ll hear why network expertise, cross-team trust, and careful, collaborative engagement with engineers are so crucial when testing high-stakes environments. Aaron and Justin also discuss how the industry has matured, the importance of dedicated OT cybersecurity teams, and why practical, people-first approaches make all the difference, especially when lives, reliability, and national infrastructure are on the line.

    Get ready for actionable advice, hard-earned lessons from the field, and a candid look at both the progress and the ongoing challenges in protecting our most critical systems.

    Key Moments:

    05:55 Breaking Into Cybersecurity Without Classes

    09:26 Production Environment Security Testing

    13:28 Credential Evaluation and Light Probing

    14:33 Firewall Misconfiguration Comedy

    19:14 Dedicated OT Cybersecurity Professionals

    20:50 "Prioritize Reliability Over Latest Features"

    24:18 "IT-OT Convergence Challenges"

    29:04 Patching Program and OT Security

    32:08 Complexity of OT Environments

    35:45 Dress-Code Trust in Industry

    38:23 Legacy System Security Challenges

    42:15 OT Cybersecurity for IT Professionals

    43:40 "Building Rapport with Food"

    47:59 Future OT Cyber Risks and Readiness

    51:30 Skill Building for Tech Professionals

    About the Guest:

    Justin Searle is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing. He led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and played critical roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP).

    Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities, corporations, and security conferences. His current courses at SANS and Black Hat are among the world's most attended ICS cybersecurity courses. Justin is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, he frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, HITBSecConf, Brucon, Shmoocon, Toorcon, Nullcon, Hardware.io, and AusCERT.

    54 min
  • From Y2K to 2038: Uncovering Time Bombs in OT and ICS Systems with Pedro Umbelino
    2025/06/09

    In this episode of Protect It All, host Aaron Crow welcomes Pedro Umbelino, Principal Research Scientist at BitSight, for an insightful and lively conversation recorded shortly after they met at RSA. Pedro shares stories of his early days in computing, from scavenging parts as a kid to teaching himself programming on a ZX Spectrum. The discussion quickly dives into critical cybersecurity issues across the interconnected worlds of IT and OT, focusing on dramatic vulnerabilities in Automatic Tank Gauges (ATGs) at gas stations—exposing ways attackers could cause significant physical damage and even spark major operational disruptions, all through insecure legacy protocols.

    Pedro also brings attention to a ticking time bomb: the “Year 2038” problem, where millions (if not billions) of 32-bit systems might fail due to an epoch time rollover—an issue that could have consequences reminiscent of Y2K, but on a potentially broader scale, especially for OT and critical infrastructure.

    Throughout the episode, Aaron and Pedro share practical strategies, lessons from the field, and the sobering reminder that many of these vulnerabilities are still lurking below the surface. The conversation highlights the importance of awareness, collaboration across industry and ISPs, and a proactive approach to understanding and hardening both new and legacy systems. Whether you're an OT engineer, a security researcher, or just curious about what it means to truly “protect it all,” this episode offers a fascinating look at the evolving landscape of digital and physical security risks.

    Key Moments:

    06:37 Letting Go of Old Memories

    15:12 Refueling Spill Risks Concern Technicians

    17:37 Understanding Risks Beyond Fear

    23:24 Internet Exposure Risks for OT Devices

    32:17 Global Cyber Incident Response Challenges

    35:30 Legacy System Challenges

    39:19 Unidentified Cyber Assets Risk

    48:41 "Understanding the Epochalypse Project's Challenges"

    49:31 Testing System Vulnerabilities at Scale

    55:12 Tech Vulnerabilities Analogous to Y2K

    01:03:08 Challenges in OT Modernization

    About the Guest:

    Pedro Umbelino currently holds the position of Principal Research Scientist at Bitsight Technologies and brings over a decade of experience in dedicated security research.

    His eclectic curiosity has led to the uncovering of vulnerabilities spanning a gamut of technologies, highlighting critical issues in multiple devices and software, ranging from your everyday smartphone to household smart vacuums, from the intricacies of HTTP servers to the nuances of NFC radio frequencies, from vehicle GPS trackers to protocol-level denial of service attacks.

    Pedro is committed to advancing cybersecurity knowledge and has shared his findings at prominent conferences, including Bsides Lisbon, DEF CON, Hack.lu and RSA.

    How to connect with Pedro:
    LinkedIn: https://www.linkedin.com/in/pedroumbelino/

    1 hr 7 min
  • Building Trust and Bridging the Gap in OT and IT Cybersecurity
    2025/06/02

    In this episode, host Aaron Crow sits down with Dean Parsons, one of the most recognized names in the OT and industrial control systems (ICS) security world, for a candid and insightful conversation.

    Join Aaron and Dean as they explore what it truly takes to bridge the worlds of IT and OT. Drawing from decades of industry experience, their discussion covers everything from building trust across teams, to the superpower of understanding both operational technology and cybersecurity. Expect real-world stories, practical advice on breaking into OT cybersecurity, and memorable lessons from the plant floor to the boardroom.

    They also break down what makes OT security fundamentally different from traditional IT approaches, why risk-based strategies are essential, and how building relationships, sometimes over donuts and coffee, can be just as important as deploying firewalls and patching systems. Whether you’re new to ICS and OT security, or a seasoned defender looking for fresh perspective, this episode brings actionable tips, honest assessments, and inspiration to help you better protect what matters most.

    So grab your hard hat (and maybe a box of donuts!), and get ready for a masterclass on collaboration, building skills, and why trust is the real currency in the fight to secure our critical infrastructure.

    Key Moments:

    05:32 Listening Over Speaking in Legacy Spaces

    07:01 IT Security Teamwork and Trust

    11:21 Cost-Efficient ICS Security Solutions

    15:42 Converging Skill Sets in IT Security

    17:36 OT vs IT: Different Risks

    22:28 Prioritizing Post-Assessment Actions

    23:20 Prioritize SANS ICS Critical Controls

    29:31 Engineering Perspective on Critical Assets

    30:47 Detecting Misuse of Control Systems

    35:52 Collaborative Incident Response Dynamics

    39:03 Remote Hydroelectric Plant Journey

    40:45 Building Trust with Baked Goods

    44:55 "Safety Crucial in Facility Disruptions"

    48:50 ICS Security: Closing Safety Gaps

    53:37 Enhancing ICS Security Controls

    57:18 "ICS Summit and LinkedIn Activities"

    About the guest:


    Dean is the CEO and Principal Consultant of ICS Defense Force and brings over 20 years of technical and management experience to the classroom. He has worked in both Information Technology and Industrial Control System (ICS) Cyber Defense in critical infrastructure sectors such as telecommunications, electric generation, transmission, distribution, and oil & gas refineries, storage, and distribution, and water management. Dean is an ambassador for defending industrial systems and an advocate for the safety, reliability, and cyber protection of critical infrastructure. His mission as an instructor is to empower each of his students, and he earnestly preaches that “Defense is Do-able!”

    Over the course of his career, Dean’s accomplishments include establishing entire ICS security programs for critical infrastructure se...

    1 hr 1 min
  • From Plant Operator to OT Security: Stories of Failures and Breakthroughs
    2025/05/26

    In this episode, host Aaron Crow dives deep into the intersection of IT and OT cybersecurity with special guest Gavin Dilworth—a plant operator turned automation engineer and cybersecurity expert. Listen in as Gavin shares his candid and often humorous journey from factory floors to global consulting, including how a workplace near-miss sparked his “lightbulb moment” about the similarities between health and safety and cybersecurity.

    Aaron and Gavin discuss everything from operators’ creative workarounds on the plant floor, to the importance of trust and rapport between IT and OT teams, and why having hands-on experience is key to building effective cybersecurity programs in critical infrastructure environments.

    You’ll also hear real-world stories of technology mishaps, the critical role of plant culture, and the practical challenges organizations face in securing legacy systems while keeping operations running.

    If you want honest, relatable insights and actionable advice on bridging the IT-OT divide—and a few laughs along the way—this episode is for you.

    Key Moments:

    10:12 Operator Rounds and RFID Challenges

    12:56 Operators' Ingenuity and Knowledge

    21:29 IT vs. OT: Firmware Update Challenges

    26:49 Understanding and Accepting Risk

    28:12 Standards, Frameworks, and Continuity

    33:08 High Voltage Safety Precautions

    40:41 Bridging OT and IT Skills

    43:46 Cybersecurity Cross-Training Surge

    52:38 CISO Knowledge Gap in OT Security

    54:32 "Experience: Essential for Understanding"

    01:03:34 DCS System Configuration Challenges

    01:06:52 Neglecting Redundancy Risks Operations

    01:11:00 Optimizing Underutilized IT Resources

    01:20:04 "Understanding Systems Before Advice"

    01:22:06 Old Cables Remain Untouched

    About the guest:

    Gavin Dilworth’s career took an unconventional path. As a plant operator, he was tasked with keeping production running smoothly and monitoring sensor readings, both on the computer and around the factory. However, Gavin was never quite the model operator—rather than dutifully making rounds and comparing readings, he often found himself absorbed in books, dreaming of a future in IT. Though he laughs about being a “pretty terrible operator,” Gavin’s story reflects his early drive to pursue his true interests in technology, even when duty called elsewhere.

    How to connect with Gavin:

    LinkedIn: https://www.linkedin.com/in/gavin-dilworth/

    Website: https://assessmentplus.co.nz/

    Connect With Aaron Crow:

    • Website: www.corvosec.com
    1 hr 26 min
  • Why Cybersecurity Is More Than Just Technology and Tools with Paul Marco
    2025/05/19

    In this episode, host Aaron Crow welcomes lifelong cybersecurity professional Paul Marco to the podcast. Fresh off of a fun, bourbon-fueled appearance on Paul and Evan’s podcast, Cyber After Hours, Aaron and Paul sit down for a candid conversation that covers everything from the pitfalls of shiny new cyber tools, to the real-world challenges of defending both networks and people.

    Tune in as they discuss the importance of making the most of what you already have, the realities of cyber as a “cost center,” and how availability increasingly trumps confidentiality in today’s threat landscape. Paul shares powerful insights from decades in cyber operations, the difference between theory and real value, and why storytelling and business skills are now just as vital as technical chops.

    From protecting small businesses to demystifying the impact of AI and quantum computing on everyday cybersecurity, this episode is packed with practical advice, plenty of war stories, and even a few laughs. Whether you’re a seasoned security pro or just starting out, you won’t want to miss this lively and wide-ranging discussion on how to protect it all.

    Key Moments:

    05:38 Tech Rationalization Over Product Dependence

    10:42 "Cybersecurity: A Costly Necessity"

    17:44 Privacy Is Obsolete

    25:51 Cyber Crime Funds Dark Activities

    26:39 "Preventing Cyber-Facilitated Crime"

    37:50 "Exploiting AI: Ethics Versus Greed"

    46:44 Understanding Business Elevates Cybersecurity

    48:01 Broadening Skills Beyond Cybersecurity

    54:19 CISOs Need More Than Tech Skills

    58:56 "Tech Threatens Critical Thinking"

    About the guest:

    Paul is the Co-Founder of TALAS Security and the Co-Host of the Cyber After Hours Podcast. With over twenty years of experience in IT and Cybersecurity, Paul is a senior cybersecurity leader who has built, maintained, and operated enterprise-grade Cybersecurity programs in highly complex environments. His expertise lies in taking a "controls first" approach to Cybersecurity. He specializes in designing programs that maximize the use of existing capabilities to balance both defense and compliance to accelerate organizational maturity. He creates sustainable solutions that enable organizations to effectively manage their cybersecurity risks and is committed to staying ahead of the curve in an ever-evolving cybersecurity landscape and helping organizations securely achieve their business objectives.

    How to connect with Paul:

    LinkedIn: https://www.linkedin.com/in/pm01/

    Talas Security: https://www.talas.io/

    Cyber After Hours Podcast: https://www.cahpodcast.com/

    Connect With Aaron Crow:

    • Website: www.corvosec.com
    1 hr 8 min
  • Building Trust in OT Cybersecurity: Patching, Communication, and Personal Branding for Success
    2025/05/12

    In this episode, host Aaron Crow is joined by his longtime friend and fellow OT (Operational Technology) aficionado, Oren Niskin. Oren dives into his unconventional journey from Navy electrician to offshore rig automation, through to OT cybersecurity consulting—sharing the highs, the lessons learned, and the unique perspective gained from crawling through the “belly of the ship” rather than a college lecture hall.

    Aaron and Oren discuss the real-world value of hands-on experience versus formal education, the evolving relationship between IT and OT teams, and why personal branding and communication skills are key for career growth in the cybersecurity field. They unpack the challenges and misconceptions around patching in the OT environment, and Oren reveals practical advice from his recent presentation on how organizations can dramatically reduce their vulnerability management workload while maintaining operational safety.

    Tune in for thoughtful reflections, war stories from the rig, and actionable tips for aspiring and seasoned cybersecurity professionals alike—plus a heartwarming nod to inspiring the next generation. Whether you’re just getting started in OT or looking to take your cyber game to the next level, this episode is packed with honest advice and community spirit.

    Key Moments:

    05:58 College: Not the Ultimate Answer

    08:26 Consulting Perspective Accelerates Career Growth

    13:36 "Building Value with Personal Branding"

    16:49 "Everyone's a Salesman Everywhere"

    19:44 "Patching Essential for System Health"

    21:14 Firmware Updates Resolve Most Issues

    26:18 Robots Dominate Manufacturing Line

    28:08 Prioritizing Critical Drilling Vulnerability Fixes

    33:29 "Prioritizing Business-Critical Systems"

    36:57 Cyber-Resilient Tech Design

    39:20 "Virtualization Best Practices: Snapshot Safety"

    41:18 OT Cybersecurity: Focus on Basics

    44:37 Unexpected Changes Disrupt Startup Plans

    47:44 "Building Trust in Business"

    50:52 "IT-OT Collaboration Importance"

    Oren Niskin – From the Navy to OT Cybersecurity: Bridging the Gap Between the Plant Floor and Secure Operations

    Oren Niskin is an OT cybersecurity consultant with over two decades of hands-on industrial experience spanning the U.S. Navy, offshore drilling operations, and global OT network management. His career began not in a classroom, but aboard the USS Harry S. Truman, where he served as an electrician and shutdown reactor operator after enlisting in the Navy post-9/11.

    Since then, he’s steadily climbed the OT ranks—from maintaining electrical systems at sea to managing IACS networks for a global fleet of drilling rigs, and now, advising critical infrastructure on how to secure their operational environments. Oren brings a rare combination of deep technical insight and real-world plant floor experience to the evolving challenges of OT cybersecurity.

    He holds a Bachelor's degree in Nuclear Engineering Technology and a Master’s in Information Security Engineering from the SANS Institute. Oren is passionat...

    57 min
  • Beyond Compliance Cybersecurity Insights With Blake Hoge and Aaron Crow
    2025/05/05

    In this episode, host Aaron Crow sits down with cybersecurity professional Blake Hoge for an unscripted deep dive into the world of IT, OT, and everything in between. In this engaging conversation, Aaron and Blake share their personal journeys through the cybersecurity landscape—from consulting roots and data center audits, to navigating third-party risk, compliance programs, and even some unforgettable experiences in global call centers and power plants.

    This episode goes beyond the technicalities, exploring the importance of hands-on assessments, the unexpected vulnerabilities that linger in even the most sophisticated environments, and why fresh eyes are crucial for spotting hidden risks.

    Aaron and Blake also open up about their favorite use cases for AI—both on and off the job, and how these evolving tools are reshaping everything from incident response planning to everyday productivity.

    But it’s not all about cyber threats and compliance checklists. The conversation takes a thoughtful turn as the two discuss the vital role of mental health, physical wellness, and community in sustaining long careers in high-pressure fields. From rucking at dawn and cycling in Moab to decompressing at cyber shootouts and embracing new technologies, Aaron and Blake remind us that protecting it all starts with taking care of ourselves and each other.

    Join us for a lively, candid episode packed with actionable insights, relatable stories, and a reminder that cybersecurity is, above all, a people business.

    Key Moments:

    09:47 Power Plant Fire Recovery Chaos

    13:36 Infrastructure Maintenance & Security Compliance

    16:10 Access Control Testing Concerns

    23:22 "Design Process: Theory vs. Reality"

    31:22 Dynamic Incident Response Planning

    33:07 Commitment to Security and Transparency

    39:21 Customized Consultancy for Unique Needs

    47:05 "Understanding Contract Essentials"

    50:42 In-House AI to Safeguard Data

    57:47 AI Simplifies Search and Booking

    59:13 Mental Wellness Strategies in Tech

    01:03:52 Fitness and Energy Through Activity

    01:10:44 "Business is a People Endeavor"

    About the guest:

    Blake Hoge leads third-party security at Airbnb, strengthening partnerships, and founded AmplifyGRC to support small businesses in building security and trust. At Instacart, he developed and scaled security and trust programs and compliance programs. At Salesforce, he managed security for global data and call centers. With over a decade in governance, risk, and compliance, Blake holds CISA, CDPSE, and PMP certifications, reflecting his expertise. Blake lives in the greater Austin, Texas area, and enjoys connecting with other professionals locally.

    How to connect with Blake:

    LinkedIn page: https://www.linkedin.com/in/blakehoge/...

    1 hr 13 min
  • How AI is Transforming the SOC: Automation, Challenges, and the Future of Cybersecurity with Amy Tom
    2025/04/28

    In this episode, host Aaron Crow dives deep into the buzzing world of AI in cybersecurity, joined by special guest Amy Tom, Community Manager at D3 Security. With everyone chatting about AI these days, Aaron and Amy cut through the noise to explore how artificial intelligence is shaking up Security Operations Centers (SOCs)—from automating manual processes to transforming traditional analyst roles.

    Amy shares her unconventional journey into cybersecurity, demystifies what it means to be a "nerd translator," and unpacks how AI-driven platforms like D3’s Morpheus are changing the game for SOC teams.

    Whether you’re a student considering a path in cybersecurity, a seasoned pro, or just curious about the future of AI in this field, you’ll hear practical advice, real-world examples, and insight into both the promise and challenges of adopting AI in high-stakes security environments.

    Plus, they touch on hot topics like AI fatigue, the evolving role of junior analysts, and the importance of business and communication skills in tech. Tune in for a candid, informative conversation to get you up to speed on one of cybersecurity’s most exciting frontiers!

    Key Moments:

    04:27 "Nerd Translator: Bridging Tech Gaps"

    08:29 "Questioning Data Metrics and Value"

    10:57 AI Streamlining Security Automation

    15:14 "AI and Low-Code Automation Evolution"

    17:27 API Management Complexity

    22:12 Migrating from Legacy SOAR Platforms

    26:55 Streamlining Phishing Response with SOAR

    36:05 AI-Driven Incident Remediation

    39:49 AI Summaries vs. Human Summaries

    41:19 Effective Communication for All Audiences

    46:24 AI Transforming SOC Analyst Roles

    48:33 Versatile Skills Boost Career Success

    51:58 "Explore and Experiment Creatively"

    About the guest:

    Amy Tom’s journey into cybersecurity is anything but conventional. With no background in IT or security, she started out answering phones, unsure of how to respond to technical questions and heavily relying on engineers for answers. Through curiosity and persistence, Amy asked questions, learned on the job, and gradually built a deep understanding of the cybersecurity landscape. Today, she works on the business side, supporting engineers and helping solve real problems by bridging the gap between business needs and technical solutions. Her path is a testament to learning by doing and growing into expertise through determination and collaboration.

    How to connect with Amy:

    LinkedIn: https://www.linkedin.com/in/amymtom/

    D3 Security podcast: https://d3security.com/lets-soc-about-it-podcast/=

    Connect With Aaron Crow:

    • Website: www.corvosec.com
    58 min