
Cybersecurity Under Pressure. Real Attacks, Real Lessons
This podcast breaks down real cybersecurity incidents to understand what actually went wrong, not in theory, but in practice. Each episode analyzes a recent attack, explains the technical mechanics in clear language, and translates them into concrete lessons for security, engineering, and business teams. Topics covered include OT security, ICS cybersecurity, industrial control systems, critical infrastructure protection, NIS2 compliance, Zero Trust architecture, operational technology resilience, railway cybersecurity, automotive security, and cyber-physical systems.
Episodes
How EV Chargers Could Crash the Grid: The Cyber Risk Behind Mass Electrification
In this episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons, we explore how electric vehicle chargers could become more than a mobility cybersecurity problem.As EV charging infrastructure grows, thousands of connected chargers start acting like distributed energy assets. Each charger depends on firmware, cloud platforms, payment systems, operator backends, remote maintenance, APIs
Defending Industrial Networks from Cyber Attacks: Why Resilience Beats Perimeter Security
In this episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons, we look at what it really means to defend an industrial network when production, safety and uptime are part of the equation.Industrial environments are not protected by applying standard IT controls in isolation. Many plants still depend on legacy assets, flat network zones, fragile protocols, shared vendor access, engine
Industrial 5G and the Uptime Trap: When Connectivity Becomes a Production Risk
In this episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons, we explore the hidden risk behind industrial 5G: the belief that better connectivity automatically means stronger resilience.Private 5G, edge computing and connected industrial assets can improve flexibility, latency and operational visibility. But they also change the risk model of the plant. The production environment b
Hacking EV Chargers to Stress the Grid: When Mobility Becomes Critical Infrastructure
n this episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons, we explore why EV chargers should no longer be treated as simple connected devices.As electric mobility scales, charging infrastructure becomes part of a wider cyber-physical system that connects vehicles, users, payment platforms, operators, cloud backends, energy providers and the grid. A weakness in one layer may not on
Teenage Hackers and Software-Defined Factories: When Industrial Risk Starts with Identity
In this episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons, we look at a uncomfortable shift in industrial cybersecurity: the attacker does not always need deep OT knowledge to create operational impact.As factories become more software-defined, the attack surface moves beyond PLCs, HMIs and plant networks. Identity, remote access, cloud services, engineering workstations, supplie
The Compliance Theater. Draining Supplier R&D and Breaking Automotive Silos.
our Tier-2 supplier just spent 80,000 euros on compliance. Their product cybersecurity did not improve by a single cent.In this episode of "Cybersecurity Under Pressure: Real Attacks, Real Lessons," we look at the compliance trap the automotive industry has built for its own supply chain. A single electronic component supplier must now navigate the overlapping demands of UNR 155, TISAX,
The Red Signal. Paralyzing a Railway Network with a Single Patch
In railway signaling, an uncoordinated security patch rarely causes a fatal accident. But it can paralyze an entire network.In this episode of Cybersecurity Under Pressure Real Attacks Real Lessons, we explore the structural tension between RAMS engineering and cybersecurity in critical railway infrastructure.We operate under EN 50129, where fail-safe guarantees that an interlocking system degrade
The Shadow Corridor. Legacy VPNs and the Financial Blast Radius in OT
Last month, a maintenance technician connected to a Level 1 PLC via VPN to fix a sensor. He did not know he had just opened the only door an attacker needed.In this episode of Cybersecurity Under Pressure Real Attacks Real Lessons, we look at a quiet failure in industrial architecture. The Purdue Model is not dead, but it is being bypassed from the inside. A direct VPN tunnel to OT infrastructure
Missing Cybersecurity Evidence Can Delay Production
The next production delay may not come from a missing component. It may come from missing cybersecurity evidence.In this episode of Cybersecurity Under Pressure: real attacks, real lessons, we look at a growing risk in automotive supply chains: suppliers may deliver the ECU, the software may work, and the release plan may look under control. Then a vulnerability appears, a VSOC event raises questi
An IDPS Alert Is Not an Incident Response Capability
Detecting a suspicious event in a vehicle is not the same as knowing what to do next.In this episode of Cybersecurity Under Pressure: real attacks, real lessons, we look at one of the weakest points in automotive cybersecurity: the gap between detection and decision-making.A vehicle may report suspicious diagnostic behaviour. A backend may receive telemetry. A VSOC may flag an anomaly linked to co
The Restart Bottleneck Is Not the Backup. It Is the Evidence.
After an OT cyber incident, restoring systems is only the visible part of recovery. The harder question comes next: who can prove that production is safe to restart?In this episode of Cybersecurity Under Pressure: real attacks, real lessons, we look at why OT recovery is different from IT recovery. A backup may exist. The PLC logic may appear unchanged. The virtual machine may boot. But in automot
When ECUs Meet Malice
What if the most vulnerable point in automotive cybersecurity isn't the car itself, but the station that gives it its software identity, setting the stage for a potential disaster that could put lives at risk.In this episode we break down the critical intersection of product cybersecurity and factory cybersecurity, and explore the potential consequences of a compromised ECU flashing station. W
Zero Trust Meets Twenty Year Old Code
What happens when a twenty-year-old industrial control system meets the latest Zero Trust security protocols, and the two just can't seem to get along? In this episode we break down the challenges of implementing Zero Trust in industrial environments, where legacy devices don't speak the language of modern identity and security. We walk through real-world examples of how to design a Zero T
Beyond Backup Recovery
What happens when a production line grinds to a halt, not because of a technical failure, but because trust in the engineering environment has been lost?In this episode we break down the real cost of an OT cyber incident, and explore the complexities of recovery in operational technology environments. We walk through a real case where the question is no longer just about restoring systems, but abo
Cyber Gaps in Automotive Supply
What happens when a vulnerability is discovered in a car's system after production has started, and nobody knows who's responsible for fixing it?In this episode we break down the messy world of automotive cybersecurity, where gaps in responsibility between companies can put entire systems at risk. We walk through real-world scenarios where the lack of clear agreements and ownership can lea
When Patches Stop Production
What happens when a security patch intended to protect your system ends up being the cause of a catastrophic operational incident?In this episode we break down the nuances of patch management in industrial environments, where the stakes are high and the consequences of a mistake can be devastating. We walk through real-world scenarios where a simple patch can bring down an entire production line,
Ransomware Beyond Encryption
What if a single login credential was all a hacker needed to bring your entire production line to a grinding halt, without even touching your industrial control systems?In this episode we break down the grey zone where ransomware attacks on operational technology can have devastating consequences, and explore the often-overlooked vulnerabilities that can allow attackers to move undetected between
Beyond Asset Coverage
Can a single overlooked device really bring down your entire network, and are you unwittingly leaving the door open to cyberattacks by focusing on the wrong security strategy?In this episode we break down the flaws in traditional network visibility programs and explore how microsegmentation can limit the damage of unseen assets. We walk through real-world examples of how IT dependencies and vendor
When Containment Fails Recovery
What if your team contained a cyber incident, but the real damage was only just beginning?In this episode we break down the disconnect between IT and engineering timelines, and explore how the NIS2 directive is raising the bar for incident recovery and accountability. We walk through the implications of Articles 20, 21, and 34, and what they mean for management bodies and cybersecurity teams. We a
Exposed Paths in OT Networks
What if the biggest security risk to your industrial control systems isn't a malicious hacker, but rather a simple disconnect between when a work order closes and when network access is actually shut off?In this episode we break down the hidden dangers of insecure remote access conditions and explore why PAM is not failing in OT, but rather being asked to enforce a physical work state it cannot se
Shipping the Code That Security Rejected
Your vehicle's biggest security threat might be arriving with a perfectly valid digital signature and your company's own stamp of approval.In this episode, we break down why the shift to software-defined vehicles is currently failing at the release gate. We walk through the uncomfortable reality of SOP pressure and argue that current security assessments are often treated as advisory rather than h
When a Patch Reopens the Safety Case
A simple security patch can fix a vulnerability and still become a total operational nightmare that brings an entire railway network to a standstill.In this episode, we break down the high-stakes collision between the new Cyber Resilience Act and the rigid, uncompromising world of railway safety certification. We walk through why architectural perfection is a myth for brownfield systems and how to
The Trap of the Trusted Engineering Session
Your VPN is lying to you about how safe your plant actually is.In this episode, we break down why relying on MFA and session monitoring is just giving you a front-row seat to your own incident. We walk through the reality of session hijacking in brownfield OT and argue why the network should never be the one deciding who gets to touch the control layer.This is about the high-stakes shift from lett
When VEX Becomes a Bureaucratic Shield
Your SBOM is probably useless, and it is time we talked about why.In this episode, we look past the hype of vulnerability scanning to the uncomfortable reality of the software-defined vehicle. We walk through how suppliers are using VEX as a bureaucratic shield to dodge patches and why your security program is likely just a mountain of expensive noise.We argue that if you are not prepared to chall
Why FRMCS Cannot Trust the Mobile Carrier
Your 5G service level agreement is not a safety case, and confusing the two is a dangerous mistake for the future of rail.In this episode, we break down why FRMCS cannot depend on the goodwill of a mobile operator, regardless of how low the latency claims are. We explore the logic of EN 50159 and explain why the only way to build a truly resilient railway architecture is to assume the network is a
The Token That Bypassed the Jump Host
Most industrial security teams are betting their entire plant floor on a jump server that an attacker can bypass in seconds.In this episode, we break down why your current MFA strategy is failing to stop session theft and what it actually takes to secure the engineering zone. We walk through the technical steps of removing NTLM and binding sessions to device posture so a compromised corporate cred
Poisoning the Software Defined Vehicle at Birth
Your vehicle’s security might be dead on arrival if the very network that birthed it was already compromised.In this episode, we challenge the industry obsession with supplier code and shift the focus to the high-stakes world of cryptographic provisioning on the plant floor. We break down why a verifiable SBOM is only half the battle and how to implement fleet-scale monitoring that actually filter
Why Rail Operators Fear the Patch
Most people think rail cybersecurity is a patching problem, but it is actually a validation nightmare that can stop your entire network in its tracks.In this episode, we break down why the standard patch or perish mindset fails when a single software update becomes an operational gamble with safety and timetables. We walk through the reality of TS 50701 and explore how data diodes and strict physi
When Physics is the Final Firewall
If you think your OT security problem is a lack of awareness, you’re missing the fact that your hardware literally cannot handle the solution. 🔌In this episode, we’re getting real about why legacy PLCs were never meant for modern crypto and how forcing it can actually tank your process. We walk through why deep packet inspection is often a trap and how to build a defense-in-depth strategy that mov
That is the part many cybersecurity plans still miss, OT controls under revision
The smartest OT control in rail is often the one that leaves the certified core untouched#RailCybersecurity #CBTC #EN50129 #TS50701 #IEC62443 #DPI #OTSecurity #Railway🎯 IN THIS EPISODE:• Railway and transportation cybersecurity• AI and machine learning security risks📋 KEY TOPICS COVERED:• Railway Cybersecurity• AI Security🔑 KEY INSIGHTS:1. The smartest OT control in rail is often the one that leav
Supply Chain: When the supplier will not cooperate resilience must become
When the supplier will not cooperate, resilience must become hostileToo many OT risk programs still assume the vendor will help when it matters. In real plants, that assumption breaks fast. Large integrators often resist SBOM requests, reject monitoring agents, and defend remote access as if it were untouchable because of warranty, latency or system integrity.🎯 IN THIS EPISODE:• Regulatory complia
Zero Trust in OT does not start at the HMI
Zero Trust in OT does not start at the HMIThat is why mature OT security does not force cloud-style identity into the final device when the device, and the workflow around it, were never built for it.🎯 IN THIS EPISODE:• Zero Trust architecture in OT environments• Automotive and connected vehicle security• AI and machine learning security risks• Identity and credential-based attacks• Authentication
[2026] Critical: The NIS2 problem is no longer whether the | Incident Response
The NIS2 problem is no longer whether the small supplier agrees with the requirementThe NIS2 problem is no longer whether the small supplier agrees with the requirement🎯 IN THIS EPISODE: Critical vulnerability assessments and mitigations AI and machine learning security risks Incident response and crisis management📋 KEY TOPICS COVERED: NIS2 Compliance AI Security🔑 KEY INSIGHTS: The NIS2 prob
[2026] Deep Dive: Some of the hardest OT risks in rail | Zero Trust
Some of the hardest OT risks in rail stay online for one simple reasonIf you cannot harden the asset, you isolate the risk around it with controls that actually understand the traffic. That means segmentation designed for the signalling cell, tightly brokered remote access, and inspection layers that can parse the protocols the system really uses instead of treating them as opaque packets.🎯 IN THI
[2026] Deep Dive: A bad weld passes inspection | OT Security
A bad weld passes inspectionThat is why periodic challenge parts are useful, but not sufficient on their own. They validate model behaviour against physical reality. They do not give you cybersecurity visibility.🎯 IN THIS EPISODE:• Automotive and connected vehicle security• AI and machine learning security risks📋 KEY TOPICS COVERED:• Automotive Security• AI Security🔑 KEY INSIGHTS:1. The PLC accept
[2026] Critical: Zero Trust for Brownfield OT - IEC 62443
"Do we have Zero Trust🎯 IN THIS EPISODE:Regulatory compliance frameworks (NIS2, IEC 62443)Zero Trust architecture in OT environmentsAI and machine learning security risksIncident response and crisis managementSupply chain attacks and software security📋 KEY TOPICS COVERED:Critical Infrastructure ProtectionZero Trust ArchitectureNIS2 ComplianceIEC 62443 StandardAI Security🔧 TECHNOLOGIES &
[2026] Critical: Vendor Lock-in - Ransomware
Your automation vendor just announced a ransomware breach🎯 IN THIS EPISODE: Data breach analysis and incident response lessons Ransomware defense and recovery strategies AI and machine learning security risks Supply chain security and third-party risk Incident response and crisis management📋 KEY TOPICS COVERED: Critical Infrastructure Protection Ransomware Defense Supply Chain Security IE
[2026] Critical: The Plausibility Gap - IEC 62443
Machine learning is now embedded in Level 0 field devices, making autonomous calibration decisions that your deterministic PLC blindly trusts🎯 IN THIS EPISODE: NIST cybersecurity framework implementation Railway and transportation cybersecurity AI and machine learning security risks Incident response and crisis management Shadow AI and unsanctioned machine learning📋 KEY TOPICS COVERED: Criti
IBM Data Breach Report 2026: The $1.9M Resilience Gap and NIS2 Compliance
Global breach costs just fell for the first time in five years. So why did US costs hit record highs? The answer reveals a market splitting in two: organizations with disciplined governance that absorb attacks and recover, and those entering a spiral of escalating costs and regulatory scrutiny.In this episode of Cybersecurity Under Pressure, we break down the technical details behind this incident
The 56% Problem: Why Attackers No Longer Need Passwords (IBM X-Force Analysis)
The 2026 IBM X-Force Threat Intelligence Index reveals a chilling statistic: more than half of last year’s exploited vulnerabilities required zero authentication to breach. The barrier to entry hasn’t disappeared—it has shifted from sophistication to pure velocity.In this episode of Cybersecurity Under Pressure, we break down the technical details behind this incident and translate them into actio
When Your Security Scanner Becomes the Trojan Horse: The CERT-EU Supply Chain Breach
What happens when the tool you download to find vulnerabilities becomes the vulnerability itself? We dissect the European Commission breach where attackers exfiltrated 91.7GB of sensitive data through Trivy, a trusted open-source security scanner. We walk through the anatomy of a supply chain poisoning and the three concrete controls that would have contained the blast radius..In this episode of C
Why Evidence Does Not Equal Confidence
In this episode of Cybersecurity Under Pressure: Real Attacks, Real Problems, we dive deep into the fascinating and destructive world of real-life cyber threats that have reshaped our global digital landscape. Join us as we explore the infamous Stuxnet worm, a highly sophisticated malware that infiltrated air-gapped industrial control systems to sabotage physical infrastructure, proving that cyber
Legacy rail assets do not become secure by policy
In this episode, we dive into the alarming reality of cyber threats in the modern railway sector. We explore major real-world incidents that prove critical infrastructure is a prime target, from a teenager derailing trams in Łódź, Poland using a reverse-engineered TV remote , to the notorious WannaCry ransomware outbreak that disrupted Deutsche Bahn's passenger information displays .We also un
If the secure reflash takes longer, the shortcut wins
In this episode of "Cybersecurity Under Pressure: Real Attacks, Real Problems", we dive into the messy reality where theoretical cybersecurity collides with operational pressure. What happens when a dealership technician needs to rush a DoIP reflash at 6:45 PM on a Friday with a growing queue of vehicles on the bay? We discuss how the clash between security, which demands traceability an
Jeep, Gateways and the Myth of Clean Isolation
In this episode, we dive into why the infamous Jeep hack is not just nostalgia, but a live architectural problem that the automotive sector still wrestles with today. While connected features demand reach and product teams crave convenience, we explore how modern vehicle architectures struggle to neatly isolate trust boundaries in the real world.In theory, gateways, domain controllers, and embedde
Rail Service Risk Starts Outside the SIL Boundary
In this episode of Cybersecurity Under Pressure: Real Attacks, Real Problems, we explore the rapidly evolving threat landscape facing modern railway networks. The era of 'security by isolation' is officially over, as digital twins, AI, and interconnected operational technologies turn railways into massive, distributed attack surfaces. We break down real-world cyber incidents, including the
Oldsmar Was About Standing Trust
In the realm of Operational Technology (OT), cyberattacks are not just IT problems; they are events with physical consequences, financial disasters, and threats to human safety. In this episode, we dive into how digital transformation and IT/OT convergence have expanded the attack surface, exposing critical infrastructure to unprecedented threats.We will explore devastating real-world cases that h
Why Quantum Security Paralyzes Industrial Infrastructure
In this episode, we dive deep into a critical, long-term threat facing Operational Technology (OT) and railway infrastructure: the "harvest now, decrypt later" strategy. We explore why attackers are actively collecting telemetry histories, failure signatures, and maintenance models today, knowing their engineering value will remain highly strategic a decade from now.The transition to post-quantum
Cybersecurity Under Pressure: The Executive Brief
Short on time? Join hosts Marcus Webb and Riley Park for a rapid, high-level summary of our deep dive into the escalating threats facing Operational Technology (OT) and enterprise IT. In this brief episode, we distill the most critical takeaways from the 2025 Verizon Data Breach Investigations Report, examining why stolen credentials and third-party vulnerabilities continue to be the dominant init
How Stolen Credentials Break Industrial Plants
In this episode, we dive deep into the escalating threat landscape facing both enterprise IT and Operational Technology (OT) environments. Drawing from the eye-opening 2025 Verizon Data Breach Investigations Report, we unpack why stolen credentials and third-party vulnerabilities remain the top initial access vectors for ransomware and other devastating attacks.We move beyond theory to analyze rea
Cybersecurity Under Pressure: The Executive Brief
Short on time? Join hosts Marcus Webb and Riley Park for a fast-paced executive summary of the critical threats facing AI systems today. In this bite-sized episode of "Cybersecurity Under Pressure," Marcus and Riley distill the most important lessons from real-world AI vulnerabilities into actionable insights.We quickly break down why stealthy "black-box" TAP attacks are outpac
Why Hidden Text Hacks Enterprise AI
In this episode of "Cybersecurity Under Pressure", we dive deep into the complex and rapidly evolving world of Artificial Intelligence cybersecurity. As Large Language Models (LLMs) evolve into autonomous "Agentic AI" capable of interacting with environments and executing real-world actions, the attack surface—and the pressure on security teams—has never been greater.Join us as we unpack critical
DDoS and Hacktivism: When Disruption Becomes a Board-Level Threat
Not every damaging cyberattack needs sophistication. Sometimes, sustained disruption is enough.A slow customer portal. Unstable supplier access. Degraded telemetry. In highly automated environments, these aren't just IT headaches—they're strategic pressure points that simultaneously hit operations, communications, and the C-suite. The real danger isn't downtime; it's the loss of visibility when le
[2026] Urgent: When AI Agents Become the New Insider Threat - Zero Trust
AI agents are no longer just assistants—they're autonomous operators with system access🎯 IN THIS EPISODE:• Zero Trust architecture in OT environments• Automotive and connected vehicle security• AI and machine learning security risks📋 KEY TOPICS COVERED:• Critical Infrastructure Protection• Automotive Security• AI Security• Vehicle Network Security🔧 TECHNOLOGIES & STANDARDS:ISO • CAN Bus • ECU👥 WHO
[2026] Critical: Logged In, Not Hacked - Railway
Modern intrusions don't start with cinematic malware🎯 IN THIS EPISODE:• Real-world attack vectors and exploitation techniques• Automotive and connected vehicle security• AI and machine learning security risks📋 KEY TOPICS COVERED:• OT security• Critical Infrastructure Protection• Automotive Security• AI Security🔧 TECHNOLOGIES & STANDARDS:ISO • ECU👥 WHO SHOULD LISTEN:This episode is perfect for CISO
KEV-First Patch Ops: Defending the Exposed Control Plane
In this brand new episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons, Alex and Sarah tackle why traditional monthly patching cycles are failing modern enterprises. Prompted by actively exploited edge vulnerabilities, they argue for a radical shift toward a KEV-first operations strategy. This episode covers how to prioritize external exploitation signals over CVSS scores, enforce e
The Illusion of MFA: AiTM Phishing and Session Token Theft
Welcome to a new episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons. If your security dashboard shows complete MFA adoption, you might still be compromised. Sarah and Alex break down the mechanics of Adversary-in-the-Middle (AiTM) attacks targeting the banking and insurance sectors. Discover why attackers are bypassing traditional authentication to steal session tokens, and learn
Automotive Extortion Goes Upstream: Protecting the New Vehicle Perimeter
In this new episode of Cybersecurity Under Pressure: Real Attacks, Real Lessons, hosts Sarah and Alex dissect the structural shift in automotive cyber threats. Moving past the outdated CAN bus hacking narrative, they explore how extortion crews are now targeting cloud services, APIs, and CI/CD pipelines to hold fleets hostage. Listen in for a rigorous breakdown of how to secure the update chain wi
Invisible Conduits: The Control Plane Siege
This episode dissects the strategic shift toward control plane exploitation, using the recent Cisco SD-WAN bypass (CVE-2026-20127) to illustrate how attackers are rewriting network segmentation in real-time. We analyze the fallout of the Odido leak and why "availability" has become the primary risk factor for industrial and automotive supply chains. We wrap up with a "Tier 0" roadmap for hardening
Hostile Time: When the Clock Lies in Critical OT
We are back with another episode of Cybersecurity Under Pressure. Real Attacks, Real Lessons, diving into one of the most insidious vectors in operational technology: hostile time. At 06:05, a rail control room gets a burst of alarms, but the chronological sequence is physically impossible. The interlocking system reports an input changing after the command that supposedly triggered it. Time synch
The 18:45 Reflash: When Usability Friction Becomes a Threat
In this new chapter of Cybersecurity Under Pressure. Real Attacks, Real Lessons, we tackle the dangerous intersection of operational friction and systems engineering. A dealership laptop starts a DoIP reflash at 18:45. The authentication portal lags, the technician forces a shared session to stay alive, and suddenly the trust chain is compromised by a manual workaround. This episode challenges the
The Friday Night Patch & The Illusion of Segmentation
Welcome to a new episode of Cybersecurity Under Pressure. Real Attacks, Real Lessons. It is Friday at 22:30, and a rail depot applies a minor network change to fix a flaky engineering link. By Monday morning, everything looks functional, but the security boundary has silently drifted. In this chapter, we break down why probabilistic defense and manual audits fundamentally fail in OT environments.
Weekly Roundup: State Machine Breakdown & Engineering the Degraded Mode
Welcome to a new weekly roundup episode of Cybersecurity Under Pressure. Real Attacks, Real Lessons. This week, we examine a cascade of high-impact events across multiple critical sectors: a massive DDoS wave knocking Deutsche Bahn’s passenger systems offline, ransomware forcing the University of Mississippi Medical Center to revert to manual workflows, a major data breach of France's FICOBA bank
Engineer the Path, Not Just the Perimeter
A vendor fixes an alarm at 4 PM. At midnight, that same remote tunnel is used to push an unsafe setpoint. Different intent, identical path.How does your network know the difference? Spoiler: It doesn't.This is the synthesis. We connect the dots from the previous episodes, the Oldsmar attack and the break-glass dilemma, to deliver a final verdict: You cannot patch your way to safety. You have to de
02:00 AM Panic: Does "Break-Glass" Mean "Break-Security"?
The packaging line stalls at 01:40 AM. Scrap is rising. The IAM server is down. Do you wait for IT to wake up, or do you reach for the "emergency" admin password kept in a drawer?That split-second decision is where security dies.In this episode, we tackle the uncomfortable friction between production pressure and cybersecurity. We explain why "temporary" bypasses often become permanent backdoors a
When Maintenance Becomes the Weapon: The Oldsmar Incident
February 2021. An operator in Florida watches his cursor move across the screen on its own. It wasn’t a glitch; it was an active attempt to poison the water supply by changing sodium hydroxide levels.But here is the terrifying part: The attackers didn’t use a zero-day exploit. They used the plant’s own maintenance tools.In this episode, we dissect the Oldsmar incident to uncover a harsh reality: i
[2026] Critical: When the Hypervisor Becomes the Attack Surface - Patching
Picture a control room where HMIs work, but historians freeze and jump servers vanish🎯 IN THIS EPISODE:• Real-world attack vectors and exploitation techniques• Critical vulnerability assessments and mitigations🔧 TECHNOLOGIES & STANDARDS:ISO • PLC • HMI • ECU👥 WHO SHOULD LISTEN:This episode is perfect for CISOs, OT security engineers, infrastructure operators, compliance officers, cybersecurity con
Recommended

Deadline: White House

Thrilling Threads - Conspiracy Theories, Strange Phenomena, True Crime, Unsolved Mysteries, etc!

The Daily Conspiracy Podcast

2819 Church

Markus Schulz presents Global DJ Broadcast

Bad Friends

The Bill Simmons Podcast

The Joe Rogan Experience

Clownfish TV Podcasts

BOOST FAITH

The 10 Minute Entrepreneur

To the Extent That...