Dino sits down with Mike Holcomb, Fellow and Director of ICS/OT Cybersecurity at Fluor, to explore the critical, and often overlooked challenges in securing operational technology.

From his early fascination with hacking culture to leading OT security for one of the world’s largest engineering firms, Mike shares personal insights and lessons learned.

The conversation covers the delayed cybersecurity maturity in OT environments and the lasting impact of the Colonial Pipeline breach.

They address the crucial role of visibility, engineering partnerships, and cultural buy-in when building secure industrial systems.

Whether you’re managing pipelines, power grids, or manufacturing floors, this episode delivers actionable insights and strategic foresight for leaders protecting our most vital infrastructure.

Chapters:

• 00:00:00 - Why OT Security Still Falls Behind
• 00:01:03 - Mike Holcomb’s Unlikely Path to Cybersecurity
• 00:01:23 - Hacking Curiosity and a Love for Breaking Things
• 00:02:16 - From Network Admin to OT Defender
• 00:03:08 - Stuxnet, Colonial, and the Wake-Up Calls We Ignored
• 00:06:18 - When OT and IT Don’t Speak the Same Language
• 00:12:14 - Threats Are Getting Smarter — Are We Keeping Up?
• 00:26:29 - Evolving the Culture of Cyber Hygiene
• 00:32:14 - Final Takeaways for Security Leaders

Links And Resources:

• Mike Holcomb on LinkedIn
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino welcomes Kevin Kumpf, Chief OT/ICS Security Strategist at Cyolo to this episode. They discuss the growing challenges and evolving strategies around cybersecurity in industrial environments.

Kevin shares a seasoned perspective on bridging the gap between IT and OT, busting myths about Zero Trust certifications, and the dangers of underutilized security tools - or "shelfware."

From real-world examples involving breweries, milk production, and energy plants, the conversation uncovers how lack of visibility, broken remote access practices, and aging systems create critical vulnerabilities.

Most importantly, Kevin offers actionable advice for CISOs, CTOs, and plant managers on building resilient cybersecurity frameworks without disrupting operations.

Don't miss this episode full of practical advice from industry experts.

Chapters:

• 00:00:00 - Kicking Off: Why OT Cybersecurity Can't Wait
• 00:01:18 - Meet Kevin Kumpf: From Bank Vaults to Industrial Battlegrounds
• 00:02:56 - Hard Truths About Securing Operational Technology
• 00:06:42 - Shelfware Syndrome: Why Tools Fail Without Strategy
• 00:12:09 - Plant Managers, Vendors, and the Battle for Cyber Resilience
• 00:23:56 - Remote Access Exposed: The Hidden Risks Inside Your Plant
• 00:30:58 - Closing Thoughts: Building Stronger, Smarter Industrial Defenses

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino and Craig address the recent acknowledgment by China of their role in U.S. infrastructure hacks. They explore the urgent cybersecurity challenges facing industrial environments.

With rising geopolitical tensions, tariffs, the push to bring more manufacturing back to the U.S. and increasing attacks on critical infrastructure, the stakes have never been higher.

From end-of-life PLCs still running core operations, to the disconnect between IT and OT leadership, this conversation identifies the systemic gaps leaving industrial operations exposed.

They outline the pressing need for visibility, actionable incident response plans, and a cultural shift toward collaboration across the stack, from plant floor to the boardroom.

Whether you’re a CISO or an operations lead, this episode offers real-world insights, battle-tested perspectives, and one clear takeaway: in cybersecurity, doing nothing is no longer an option.

Chapters:

• 00:00:00 - Kicking Off: Why IT-OT Unity Isn’t Optional Anymore
• 00:01:17 - Cyber Threats, China, and the Global Wake-Up Call
• 00:02:16 - CISA’s New Role: From Background Player to OT Ally
• 00:05:32 - Still Separate, Still Vulnerable: Why IT & OT Must Sync Up
• 00:09:48 - Blind Spots Kill: Why Visibility Is the Real MVP
• 00:10:43 - Remote Access Realities and the Myth of the Air Gap
• 00:20:29 - Crisis Mode: Are You Ready for the Worst?
• 00:23:50 - Dino & Craig’s Parting Shot: Do Something - Now

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this special rewind episode, Dino Busalachi and Jim Cook address the messy but critical reality of implementing Zero Trust in operational technology (OT) environments.

Drawing from years of hands-on experience, they break down why traditional IT frameworks often fail on the plant floor, especially when facing flat OT networks, legacy assets, and limited change windows.

They introduce a "bucket approach" to segmenting and securing OT networks from the ground up. With real-world insights into asset inventory, process integrity, remote access challenges, and cross-functional collaboration, this episode is invaluable.

Whether you're a CISO, CTO, an OT engineer, or IT expert; this episode offers solid advice on navigating the convergence of IT and OT in complex industrial systems and environments.

Chapters:

• 00:00:00 – Why Zero Trust Doesn’t Fit the Plant Floor (Yet)
• 00:00:45 - Zero Trust : IT versus OT with Dino Busalachi and Jim Cook
• 00:15:59 - Zero Trust in OT: Adapting IT's Playbook for Enhanced Security

Links And Resources:

• Industrial Cybersecurity Insider
• LinkedIn Cybersecurity Group Page
• Dino Busalachi on LinkedIn
• Jim Cook on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and Craig address the practicalities of building cyber resilience directly into manufacturing environments - rather than after the fact.

Using real-world analogies and field-tested insights, they break down why treating OT security like physical safety is crucial.

They challenge the outdated mindset of retrofitting cybersecurity protection after deployment of industrial plant floor equipment.

This episode covers all the key elements of protecting your plant floor. From the importance of designing cybersecurity upfront, to implementing the SANS 5 Critical Controls, specific to cybersecurity in operational technology (OT) environments.

Whether you're planning a greenfield build or managing legacy systems, this episode equips mid-to-senior leaders with actionable strategies to align IT and OT teams, boost visibility across XIoT assets, and future-proof operational environments in high-risk industries.

Chapters:

• 00:00:00 - Kicking Off: Why Cybersecurity Can’t Be an Afterthought in Manufacturing
• 00:01:52 - Dino’s Five Must-Have OT Security Controls You Should Already Be Using
• 00:03:45 - When IT and OT Collide: Real Talk on Silos, Strategy, and Responsibility
• 00:06:08 - You Can’t Protect What You Can’t See: The Visibility Wake-Up Call
• 00:11:24 - Build It In, Don’t Bolt It On: Making Cybersecurity Part of the Machine
• 00:19:26 - Lost Docs and Retiring Experts: Managing Risk Across the Lifecycle
• 00:20:41 - Dino and Craig’s Final Word: Start Now, Start Smart—Security Is the New Safety

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity Insider Newsletter
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and Craig dive deep into the disturbing talent exodus in cybersecurity. The discussion is sparked by Gartner’s prediction that 25% of cybersecurity professionals will leave the field in the next year.

They explore the growing gap between IT and OT teams, the lack of CISO influence in executive leadership, and the friction between cybersecurity goals and operational uptime.

With real-world anecdotes and hard-hitting insights, they unpack everything from rogue assets and malware in OT environments to the challenges of implementing EDR tools in live production lines.

Whether you're a CISO, CIO, or plant manager, this episode offers a candid look at the complex dynamics of securing industrial environments — and how collaboration is the only path forward.

Chapters:

• 00:00:00 – Kicking Off with a Brutal Reality Check on Cybersecurity
• 00:01:06 – Gartner Says 25% of Cyber Pros Are Leaving — Here’s Why That Matters
• 00:03:15 – IT vs OT: The Culture Clash Still Killing Cyber Progress
• 00:09:35 – Why the Wrong Service Partner Could Be Your Biggest Risk
• 00:14:05 – Malware, Rogue Assets, and the Ugly Truth About Your Plant Floor
• 00:18:22 – Real Strategies for Fixing the IT/OT Disconnect (Without Killing Uptime)
• 00:24:06 – Stop Talking. Start Acting. What Cyber Leaders Need to Do Today

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity Insider Newsletter
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and Craig tackle one of the most overlooked vulnerabilities in industrial cybersecurity: the unintentional chaos caused when IT security procedures are blindly applied to OT environments.

Using real-world examples like the CrowdStrike EDR failure, they illustrate how tools meant to protect can actually shut down production lines, cripple HMIs, and introduce massive operational risk.

They call out the air-gap myth, the need for shared authority between IT and OT, and the critical importance of context when deploying cybersecurity solutions on the plant floor.

For executives and practitioners alike, this episode is a wake-up call to rethink governance, accountability, and collaboration between traditionally siloed IT and OT teams.

Chapters:

• 00:00:00 – IT vs. OT: The Unspoken War
• 00:01:03 – Meet Your Guides: Dino & Craig
• 00:01:05 – IT/OT Explained… Without the Jargon
• 00:02:26 – How IT Crashed the Plant Floor
• 00:05:12 – Talk to Me Like I’m Production
• 00:08:53 – Security Priorities: Worlds Collide
• 00:13:40 – Vendors, Integrators & Invisible Risks
• 00:21:52 – Who Owns the Fallout?

Links And Resources:

• Cybersecurity & Digital Safety Group on LinkedIn
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino Busalachi sits down with Carlos Buenaño, CTO of Armis, to explore the evolving cybersecurity challenges in industrial control systems (ICS) and operational technology (OT).

Carlos shares insights from his extensive experience in process control engineering, industrial network security, and IT-OT convergence. He sheds light on how organizations can gain visibility into their OT environments, mitigate cyber risks, and implement effective security frameworks.

From real-world ransomware incidents to strategies for network segmentation and asset monitoring, this discussion provides actionable insights for anyone involved in securing industrial infrastructure.

Whether you're a plant manager, security leader, or IT-OT strategist, this episode is packed with valuable takeaways.

Chapters:

• 00:00:00 - The High-Stakes World of Plant Management and Control Systems
• 00:01:20 - Meet the Experts: Dino and Carlos on Industrial Cybersecurity
• 00:01:55 - From Engineer to CTO: Carlos’ Journey in Securing ICS
• 00:03:15 - Designing Secure Control Networks: Lessons from Australia
• 00:05:17 - IT vs. OT: Why the Security Approach Must Change
• 00:08:14 - Breaking Down IT-OT Conflicts and Finding Common Ground
• 00:13:52 - Hidden Cyber Threats in Industrial Control Systems
• 00:23:16 - How to Stay Ahead of Cyber Attacks in OT Environments
• 00:24:15 - Key Takeaways and Actionable Steps for Industrial Security

Links And Resources:

• Juan Carlos (Carlos) Buenaño on LinkedIn
• Cybersecurity & Digital Safety Group on LinkedIn
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!