Send us a text

While I’ll resist drawing comparisons about industrial cybersecurity to butterflies and bees, producing this episode did remind me of another great Muhammad Ali quote: "The hands can't hit what the eyes can't see.”

This could provide an easy segue into the ongoing challenges about asset visibility, but really, it goes a bit deeper than that. In addition to being able to see all the things we need to defend against, we also have to understand what to look for in establishing those defenses. 

In this episode, we discuss  these challenges and solutions with Bryson Bort, the founder and CEO of SCYTHE, a leading provider of Adversarial Exposure Validation (AEV) solutions. Watch/listen as we also discuss:

• The increasing impact of hacktivists.
• The rise of ransomware gangs.
• What AEV is all about.
• Why there is no such thing as an accidental hack.
• The human impact on cybersecurity and why it is rarely the human's fault.
• How his former military life has impacted his cybersecurity career.
• Why supply chains could be the most important threat landscape going forward.

To check out the work he and his colleagues are up to, you can go to scythe.io, as well as icsvillage.com.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Uptime. 

It’s the lifeblood of manufacturing and the precise target of industrial sector hackers. By knocking systems offline, stealing credentials, holding data for ransom, or crippling supply chains, the bad guys know their ultimate goals of disruption or extortion will be realized.

And as we’ve discussed numerous times here on Security Breach, keeping these bad actors out has become more and more difficult as new technology, connectivity and endpoints are added to the OT landscape.

Hackers are getting smarter and more complex, but the good news is so are the tools and strategies for the good guys. Here to offer some perspective on dealing with the leading threats targeting the people, systems and data of the industrial sector is a collection of experts focused on minimizing disruptions and preparing you to react and respond to cyberattacks.

Watch/listen as:

• Max Clausen, senior VP of Network Connectivity at Zayo dives into the factors and strategies driving DDoS or distributed denial of service attacks.
• John Carse, Field CISO at SquareX discusses the ongoing impact of developing and legacy vulnerabilities, as well as some of the novel strategies hackers are using to introduce new strands of highly disruptive malware.
• Amit Hammer, CEO of Salvador Tech talks about lessons learned from the recent Jaguar Land Rover attack and how response strategies will continue to play a key role in minimizing attack-related downtime.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

While there are plenty to pick from, one of the biggest challenges for cybersecurity professionals in the industrial realm can be getting financial support. In manufacturing there are always a number of viable spending options, and working to make cybersecurity a priority can be tough, especially when enterprises are faced with initiatives seen as more fundamental to the core mission of getting finished product out the door.

However, a couple of recent reports could help connect the dots between production and security, and the need to fund both.

First, there’s Adaptiva’s State of Patch Management Report that found 75 percent of manufacturing companies have critical vulnerabilities with a CVSS score of 8 or higher, and 65 percent have at least one vulnerability listed in the CISA Known Exploited Vulnerabilities Catalog. So, hackers know about these weaknesses and they’re taking advantage of them.

And, according to Black Kite’s 2025 Manufacturing Report, 51 percent of those surveyed indicate that patching has become a bigger challenge than intrusion detection, and more than 75 percent indicate that both IT and security must approve patches before deployment.

Reading between the lines – patching takes too long and is too complicated, so the vulnerabilities persist and the hackers keep winning.

Watch/listen as we discuss these and other topics with Chaz Spahn, the Director of Product Management at Adaptiva. 

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

When talking to the experts and leading authorities that have participated in the 140+ episodes of Security Breach, there’s always a slight pause when directing their attention specifically to the industrial sector. That’s because, well, we’re special. 

There’s the unique juxtaposition of old and bleeding edge technology. 

There’s the influx of greater connectivity combatting the struggles to identify and secure the growing number of endpoints. 

And there are the ongoing battles related to secure-by-design responsibilities, cloud networks and the ever popular building and breaking down of IT/OT silos. 

The good news is that we’re getting better. Better at identifying the problems and better at elevating solutions from some of the sharpest minds in the sector. And we’re fortunate to be able share these insights from an incredible collective on today’s episode.

Watch/listen as Max Clausen, senior VP of Network Connectivity at Zayo, John Carse, Field CISO at SquareX, Sophos’ Chester Wisniewski and ExtraHop’s Chad Lemaire tackle topics that include:

• Visibility
• Secure-by-Design
• Artificial Intelligence
• IT/OT Silos
• Patching
• LOTL and Phishing Attacks
• Non-standard OT Architecture

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

I know that we’re constantly talking about artificial intelligence - the best ways to use it, the ways hackers are using it, and the overall good, bad and ugly of implementing AI into your security infrastructure.

But what if we took a little different route.

In this episode we're going to explore how AI can help make your people better at managing cybersecurity. We know there’s a huge talent pool shortage, and the challenges of keeping employees vigilant against repeated attacks continues to grow.

So, watch/listen as I explore these dynamics, well as many others, with Grant Oviatt - Head of Security Operations for Prophet Security – a company that recently unveiled their State of AI in SecOps 2025 research report. A lot of the data from the report was rather shocking, especially when the survey repeatedly uncovered how many SOCs, inundated with constant intrusion alerts, have experienced numerous breaches simply because the volume of critical alert notifications has made them easier to ignore.

It was a great conversation, with numerous takeaways, including:

• Why 60 percent of security teams have experienced critical breaches stemming from overlooked alerts.
• How security leaders anticipate AI solutions handling more tasks within the SOC over the next 3 years.
• Reasons for 57 percent of organizations deliberately suppressing detection rules and accepting higher risks to keep operations moving.
• How hackers are using AI beyond just phishing campaigns to get access to critical assets and networks.
• How the industrial sector can better implement AI without yielding to internal pressures.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Discussing the ever-expanding threat landscape is something we do a lot on Security Breach, but this episode is dedicated exclusively to topics like zero-day vulnerabilities, nation-state threats, phishing schemes, ransomware, and of course, the role artificial intelligence continues to play in making the good guys smarter and the bad guys tougher to pin down.

But we’re not doing to dwell on the doom and gloom, we’ll also touch on the growing number of solutions and strategies that can help ensure your OT environment is as secure as possible.

To help guide us on this journey, we’ll first hear from Chad LeMaire at ExtraHop, followed by Chester (Chet) Wisniewski at Sophos. Watch/listen as we discuss:

• Llegacy and human-based vulnerabilities.
• Ransomware.
• Deepfakes.
• Patch management.
• Supply chain defenses.
• Social engineering ploys.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

As loyal listeners of this podcast know, I’m a big believer in paying close attention to the little things, the blocking and tackling, the basics, the fundamentals. All those elementary elements that comprise the building blocks of stronger cybersecurity plans and successful defensive strategies. 

Spoiler alert – that comes through again … and again in this episode, but what makes it worth your time is how my guest, Jesper Sønderby Andersen, the Global Head of Customer Success at Secomea, goes beyond just discussing how all these little things can both kill and cure you cyber defenses, but how they all should fit together. 

If you’ll allow me to channel a childhood hero, Hannibal Smith from TV’s The A-Team, it’s not just about the plan, but how it comes together. Listen as Jesper and I discuss:

• How football coach Bill Belichick influenced his cybersecurity philosophy.
• The growing importance of breaking down silos in establishing accountability for remote access management.
• Why IT approaches do not work in OT.
• The similar and unique challenges of managing remote access with employees and vendors.
• Why proper segmentation strategies are vital, but must start with asset visibility and a true understanding of your crown jewels.
• How attacks are continuing to increase due to the "little stuff" that goes unprotected, and why AI will help escalate the severity and success of these hacks.
• Why Jesper believes larger attacks will be felt from supply chain vulnerabilities.
• Reinforcing the competitive advantages of investing in cybersecurity.
• The importance of being a tool and technology enabler to improve security.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

As all of you know, there are no silver bullets when it comes to cybersecurity success in the industrial sector. Every enterprise has its own unique characteristics, each plant floor its different connectivity elements, and each business is comprised of diverse human dynamics that fuel its culture. 

However, regardless of the environment, there continues to be a handful of best practices that can be universally applied. As I journey across the cybersecurity realm, one of these reoccurring themes is avoiding that urge to “eat the elephant” or “drink the ocean” when implementing cybersecurity strategies. 

Rather, the thought process is to set priorities and check things off as you go. Our guest for this episode mentioned this numerous times, whether it comes to responding to an increasingly complex collection of threat actors, or tackling the right uses of artificial intelligence.

Watch/listen as we discuss a number of topics with Casey Ellis, Founder and Chief Strategy Officer of BugCrowd, including:

• The very real threat of IABs (initial access brokers) and state-sponsored hackers.
• How his organization works to reinforce why it's cool to be a White Hat.
• How thinking like a criminal helps improve defenses through penetration testing and other exercises.
• Developing strategies that prioritize resilience over perfection.
• Integrating new technologies with patching in mind.
• Using AI to develop faster response times and focusing on "which part of the elephant to eat first," instead of doing "stupid stuff" because of the pressure to implement it.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

We’ve heard it before – hacker tactics are not changing, but the hackers are getting a lot smarter in how they deploy their time-tested attacks.

Additionally, honing in on the human element of cybersecurity is nothing new. We’ve spoken with numerous guests about getting buy-in, improving training, and how creating a cyber-receptive culture is key in getting any cybersecurity plan to stick.

But Dave Taku, Head of Product Management and User Experience at RSA, and our guest for this episode, offers some unique takes on how these two key variables are intersecting to create new challenges in industrial cybersecurity. He also discusses recent findings found in RSA's ID IQ Research report. Watch/listen as we discuss:

• How attacks are focusing more on humans than networks or systems.
• Evolving hacking strategies like prompt bombing that's focused on stealing credentials or bypassing logins.
• The role AI can play in establishing ways to improve employee training and address the biggest threat to OT security - people.
• Ways to manage remote access without sacrificing identity security best practices.
• Strategies that make zero trust and other identity security tools more user-friendly.
• How AI is helping manufacturers establish priorities in achieving asset visibility.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Who are you?

This episode dives into one of the most challenging cybersecurity topics currently on the docket – identity management. 

My conversation with Brandon Traffanstedt, Sr. Director and Global Technology Officer at CyberArk, took us in two equally important directions. The first deals with individuals and how to properly manage those accessing your systems and networks. The second, equally as challenging, but potentially more complex, focused on machine or asset identities and understanding how to keep this sprawling attack landscape more secure. 

Perhaps most interestingly, Brandon also offers some insight on cookies-based attacks and how, like so many cybersecurity challenges, the answers doesn’t lie in the tech stack.

Watch/listen as we also discuss:

• Solving identify management strategies by finding baseline controls.
• The unique dynamics of manufacturing when it comes to risk analysis and establishing these baselines.
• The role of asset visibility when it comes to identity management strategies.
• How to prevent those age-old turf battles between IT and OT.
• Why machine identities might pose the greatest cybersecurity risk.
• The importance of empathy in getting people to buy in to cybersecurity strategies and training.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

I’m always tempted to start out each episode by talking about a problem, and then setting up our guest as the solution to that problem. It’s formulaic and a bit redundant, but it’s also effective. So I’ll apologize in advance because I’m about to do that very thing again. 

The difference is that Howard Grimes, the CEO of the Cybersecurity Manufacturing Innovation Institute (CyManII) is looking to help provide a lot of solutions for manufacturers. As we discuss workforce challenges, secure-by-design, an evolving threat landscape and the ongoing struggles with legacy OT infrastructure, I’ll challenge you to find something that the Institute couldn’t help you and your organization jumpstart, solve or streamline.

Watch/listen as we discuss:

• The most significant vulnerabilities still impacting manufacturing.
• Why the industrial sector struggles to find OT cybersecurity specialists, and strategies that are helping to fill this gap.
• The growing prominence of secure-by-design and how the responsibilities for these strategies are shifting.
• The areas where legacy OT technology are hampering cybersecurity efforts the most.
• Why the "Ostrich Approach" can no longer be tolerated.
• The new focal points of attackers and how these are shifting based on hacker resources.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Insider threats are creating new attack vectors, but old-school solutions could rise to the challenge.

Regardless of the situation or dynamic, everyone likes to think that they’re special. However, with experience we learn that appreciating both the shared similarities, as well as some of those unique traits, are how we can best solve problems. 

A great example is a recent conversation I had with Umaimah Khan, founder and CEO of Opal Security – she goes by UK for short. Her firm focuses on the identify management sector of cybersecurity. 

What UK constantly reinforced is that the industrial sector is not alone in trying to figure out the best ways to manage and secure human, equipment and asset identification. So, while some of the application challenges are unique, there’s a lot of strategies to draw from in determining what might be best for your enterprise.

Listen as we discuss:

• The challenges of identify management at both the human and machine levels.
• The need for fluid change management when it comes to determining who can access what, and at what level.
• Why the success of any cybersecurity initiative will be about what the human can or can't do, not the machine.
• How many security vulnerabilities are created by a "perfect storm of poor communication."
• Breaking down silos, which have created "security by obscurity."
• The new attack vectors poor identity management is creating.
• The evolving role of agentic AI in industrial cybersecurity. 

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

In many instances the biggest challenge facing OT cybersecurity practitioners is knowing where to focus resources, especially their time. In other words, what are the priorities for the enterprise, facility and people?

I recently sat down with Securin's Lead Threat Intelligence Analyst - Aviral Verma. And while I anticipated a conversation focused on vulnerabilities and the threat landscape, discussing these topics led to deeper dives on a range of topics that also included breaking down IT/OT silos, artificial intelligence, the dark web and patching strategies. 

Listen as we discuss:

• The transformation of threat actors and how they've been able to cut timelines for exploiting vulnerabilities to 15 days.
• How hackers are using Dark Web versions of ChatGPT to design more effective credential and data harvesting schemes.
• Why the security of every software platform, especially those embedded within industrial assets, cannot be assumed.
• How the legacy dynamic of many OT assets has led hackers to exploit vulnerabilities that have been around for as long as five years.
• Addressing patching challenges by breaking down silos and getting a deeper understanding of the unique elements of each OT environment.
• How threat detection needs to evolve, especially with state-sponsored hackers executing "quieter" strategies for attacking manufacturing and critical infrastructure. 

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

One of the great things about covering industrial cybersecurity is the number of reports, studies and white papers being produced right now to help provide intelligence on threats, research on new tools, and data on leading trends.

The tough part is sorting through all this data and, at some point, prioritizing it in order to get the most and best information.

One source that I look forward to each year is IBM’s X-Force Threat Intelligence Index. It’s full of all that stuff I just mentioned, but will special attention paid to the industrial sector. 

Unfortunately, some of that attention results from manufacturing being the most highly attacked industry for the fourth consecutive year. Also, according to the Index, it had the most ransomware incidents in 2024.

But, as Chris Caridi, a Cyber Threat Analyst for the X-Force and our guest for today’s episode shared with me, the news is not all bad. Watch/listen as we discuss:

• The rise in infostealer malware, credential harvesting and phishing attacks.
• The importance of understanding how to secure new technology before investing and implementing it.
• Why most cybersecurity issues are a human problem, not a technical problem.
• Why multi-factor authentication is now a must for OT connections.
• The misconfiguration errors that continue to plague manufacturing, and how they create a series of other cybersecurity problems.
• How manufacturing's cybersecurity journey is similar to the financial sector 10 years ago, and why this should be source of optimism.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Endpoint security tools worked, but the hackers worked harder for their payday.

While everyone likes to know how someone else might have screwed up and what the fallout looks like, the more import elements of episodes like this one come from the in-depth conversations about new tactics and strategies that are being used by the bad guys, and simultaneously, the insight on new best practices for the good guys.

So while I did enjoy diving into how the ransomware group Akira was able to use webcam access to infiltrate an organization, it was also great to discuss the evolution of these hacking groups, EDR tools, dark web monitoring and the need for better credential security with Steve Ross. He’s the director of cybersecurity at S-RM, a leading provider or cyber intelligence and solutions.

Watch/listen as we also discuss:

• Endpoint Detection and Response (EDR) tools.
• The rise of Akira, and the evolving symbiotic strategies used by this and other RaaS groups.
• Patching challenges.
• The growing need for dark web monitoring.
• The continued rise in login/credential harvesting.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

We talk a lot about the growing complexity of hacking groups and how their tools and tactics continue to evolve. One such evolution is the ongoing specialization that runs rampant throughout the black hat community – especially when it comes to ransomware. 

The rise of initial access brokers, affiliate programs, spoofing domain creators, dark web communities, and more are fueling ransomware-as-a-service groups and posing new cybersecurity challenges. 

And while numerous reports detail the rise in ransomware attacks and the escalating amounts being paid in seeking a reprieve from denial of service, data extortion, and supply chain hacks, one recent finding really stood out. In their annual State of Ransomware Report, Blackfog stated that manufacturing had the highest number of undisclosed ransomware attacks, when compared to all other industries. 

So, as tough as we know the ransomware challenge is – it’s actually a bit worse than we acknowledge because of the growing number of attacks that go unreported. Fortunately, we have an army of highly skilled individuals working to combat these threats. And that includes our guest for today’s episode - Fortra's senior manager of domain and dark web monitoring solutions, Nick Oram. Watch/listen as we discuss:

• The surge of new ransomware tactics and groups, like RansomHub.
• The origins and continued growth of Initial Access Brokers (IABs) within the ransomware community.
• How affiliate programs are helping both RaaS and IAB groups increase their rate of successful attacks.
• Why dark web monitoring might be more important than ever for manufacturers.
• The ongoing "we adapt", "they adapt" dynamic.
• How to better educate the workforce and shift from a "blame and shame" response to phishing and other types of attacks that leverage human error.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Breaking down silos while securing the cloud and leveraging secure-by-design advancements.

The challenges facing the industrial OT landscape that emanate from external sources are … varied, complex and constantly evolving. Smarter hacking groups, AI-driven phishing schemes and deceptive malware viruses head the list of concerns.

And while these factors show no signs of fading, the reality is that there are just as many challenges facing industrial cybersecurity that are embedded within the very foundation of our operations. These legacy dynamics have created internal battles that absorb valuable resources, waste precious talent and help the bad guys stay a step ahead. 

With this in mind, we’re going to tap into two key industry leaders to get their take on pressing, internal liabilities that are ensuring key production assets remain exposed. We'll hear from Silverfort’s Rob Larsen, as he discusses the ongoing struggles created by IT/OT silos, as well secure-by-design initiatives. 

Mandiant’s Paul Shaver will also offer his take on these silos, and how decisions related to cloud networking are impacting the security stature of key data, assets and network connections.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

One of the goals of the show is to help you better understand all the threats facing your OT assets, your data and your people. In order to do that, we work to identify those individuals with a feel and in-depth understanding of these threats and the evolving network of threat actors.

And I can’t think of anyone better to break down the hacker landscape than an individual whose research has led to being followed by well-known data breachers on social media and considered persona-non-grata in countries housing many of the most notorious state-sponsored hacking groups in the world. 

It’s my pleasure to welcome Jeremiah Fowler back to Security Breach. You might remember that we originally spoke to him regarding a huge ERP data vulnerability last summer.  

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

When we talk about the threat landscape for the industrial sector, the eye-catching, headline-grabbing hacking groups with nefarious names typically lead the list of concerns. And while understanding their well-publicized exploits are important, what is often overlooked are all the little things these groups were able to do before dropping malware, shutting down networks, extorting ransoms, and stealing data.

This is where taking the time to address those insecure connection points, update login credentials or patch zero and one-day vulnerabilities continue to be essential in the fight to safeguard operational technology and the industrial control system. But, the reasons these problems remain is that the solution is never as simple as it sounds. So, hopefully our collection of experts for this episode can help show you the way.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

While we’re still in the infancy of 2025, the New Year has proven to have no issues in welcoming in a number of pre-existing challenges – whether we’re talking about cybersecurity or … other social topics.

So, in continuing this trend, we tapped into a unique collection of voices to discuss a topic that has, and will continue to be, vital to industrial cybersecurity efforts – Artificial Intelligence. 

First, we’ll hear from Mandiant’s Paul Shaver as he discusses the legacy dynamics of industrial cybersecurity, including ongoing obstacles associated with inventory, visibility and segmentation strategies – and the impact AI could have on all of them. 

Then we’ll transition to HackerOne’s Will Kapcio for his take on AI and the ongoing evolution of cybersecurity tools. 

We’ll wrap up with instructor and the author of the Hack is Back as he discusses what drove his desire to write the book, the impact AI is having on the next generation of cybersecurity specialists, and the evolving vulnerabilities they can expect to face.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

The continued evolution of the CyberAv3ngers hacking group and its IIoT-focused malware.

We talk a lot about change on Security Breach. Some of it’s good and obviously some of it makes us want to tear our hair out. Well, this episode, surprisingly, should go easy on the scalp, even though it will focus on the IOCONTROL malware strand recently detected by Noam Moshe and Claroty’s Team82. 

The malware is described as a custom-built IoT/OT strand created by the Iran-based hacktivist group, the CyberAv3ngers. The malware targeted OT/IoT devices in Israel and the U.S. Moshe’s team detected the malware being used to attack IoT and SCADA/OT devices of various types including IP cameras, routers, PLCs, HMIs and firewalls. 

Typically, this is the part of the story that takes us down a dark and frustrating road, but as you’ll hear, that’s not necessarily the case this time.

For more information on Team82’s findings on IOCONTROL, click here.

Also, just a bit of housekeeping – we’re switching the frequency of Security Breach from weekly to bi-weekly. This change will allow me to spend more time on each episode, which will translate to greater depth and expanded coverage on all the pressing topics of industrial cybersecurity. 

And remember, this is your podcast – let me know your thoughts and feelings on the change and anything else you’d like to see on the show.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Winston Churchill famously stated that, “Those who fail to learn from history are doomed to repeat it.” 

His concerns about applying lessons learned to post WWII foreign policy initiatives rings just as true in the current cybersecurity climate. So, in an effort to ensure we repeat as few of 2024’s mistakes in 2025, we’re going to take a look at some of the industrial sector’s biggest exploits, and offer solutions and strategies in our ever-raging combat with the Black Hats. Watch/listen as we cover:

• A unique supply chain hack that came up during our conversation with Theo Zafirakos, a Cyber Risk and Information Security Expert at Fortra.
• The fall of 2024 brought security compromises to the front door of a number of prominent industrial enterprises, including Halliburton.
• In early August millions were impacted when National Public Data, a major data broker that performs background checks, reported that 2.9 billion personal records from over a million individuals in the U.S., the U.K. and Canada were accessed.
• Ford Motor Company was also a target, with a data breach that saw hacking groups steal 44,000 records containing personal and product information.
• Anna Wells, executive editor of Manufacturing.net and Manufacturing Business Technology, brought us coverage of a hack that has crippled a global beverage maker.
• We close out with a story from early this year describing how some of the basic tools found throughout a manufacturing plant can become pathways for the innovative hacker.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

As we begin to close out 2024 and look ahead to 2025, I couldn’t resist the urge to revisit some of my favorite guests from the last couple of months.

While I’m grateful for everyone we’ve had on the show, and all the support we continue to receive from the industrial cybersecurity community, I felt these comments were worth another listen, with special focus being given to a handful of the most critical issues confronting our OT environments. 

First, we hear from Jon Taylor (1:16) at Versa, as he discusses a unique approach to patching and secure-by-design strategies that involve the development embedded micro-segmentation approaches. 

Next, we’ll hear from Cloud Range’s Tom Marsland (11:18)  as he discusses the continued challenges presented by data silos, and innovative ways to address the shortage of cybersecurity specialists. 

Then we’ll turn to Baker Tilly’s Jeff Krull (19:42) as he reports on ransomware gangs and their combination of new and old tactics. 

And we’ll finish up with cybersecurity researcher Jeremiah Fowler (29:40) as he discusses some of the ongoing challenges about addressing persistent vulnerabilities.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

According to Fortinet’s 2024 State of Operational Technology and Cybersecurity Report, 43 percent of those surveyed reported a loss of business critical data or intellectual property so far in 2024– a number this is up nearly 10 percent from last year. 

And we all know what happens with this hijacked data. 

Per the World Economic Forum’s May 2024 white paper, the number of ransomware attacks on industrial infrastructure doubled in 2023, boosting ransomware to the leading concern for manufacturers, with 40 percent citing it as their top issue. While that may not surprise you, this might - due to the many challenges we’ve discussed here on Security Breach, the industrial sector now accounts for 71 percent of all ransomware attacks. 

Our data is valuable and the hackers know it.

To offer some perspective on protecting this data, we sat down with Karthik Krishnan, CEO of Concentric.ai – a leading provider of data security posture management solutions. Watch/listen as he provides insight on:

• Prioritizing and limiting data access to lessen the blast radius.
• How data, especially customer data, is essentially the "new oil."
• Reversing your mindset to think about "data out" instead of "user in".
• The generative AI advancements that continue to be made, and how they're producing more complex phishing and ransomware attacks.  
• Why it has become easier for hackers to get a foothold on your network.
• The best ways to shore up your weakest security link - employees.
• How it all starts with data discovery and visualization, then prioritization.
• A look at the money involved with remediation and response costs versus proper planning and defense prep.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Next to artificial intelligence, one of the biggest buzz terms in industrial cybersecurity right now might be SBOM, or software bill of materials. The term generates equal parts concern and eye roll as those entrusted with enterprise defense look to ensure that there are no embedded vulnerabilities amongst the data platforms they are both sourcing and utilizing within their offerings. 

Perhaps most frustrating is having to essentially reverse engineer a number of established products in order to quell security concerns. However, as frustrating as these efforts might be, the growing number of zero day hacks emanating from embedded security vulnerabilities will only continue to grow as we look to embed greater levels of sensor, software and AI-driven functionality. 

In this episode we hear from Marcellus Buchheit, President and CEO of Wibu-Systems USA, a leading provider of security solutions for embedded data and intellectual property. Watch/listen as we discuss:

• How vulnerabilities and risks need to be assessed beyond their expense to focus on updates, reconfigurations and the growing number of OT connection points.
• The need for SOPs that make it easier to assimilate cybersecurity into OT processes.
• Ways to more safely update the growing number of devices on the plant floor.
• Protecting IP and, more specifically, the software coding associated with it.
• The impact AI continues to have on increasing the sophistication of hacking attempts.
• Why all hacks are "highly preventable."
• The role of quantum computing and the steps to take in preparing for "Q Day".

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.