Episodes

  • Critical Infrastructure Security: From Awareness to Action with Khris Woodring
    Nov 19 2024

    Recent years have seen a growing awareness of the vulnerabilities in our critical infrastructure to cyberattacks, particularly from nation-states like Russia, Iran, and China. In this episode of the IoT Security Podcast, host John Vecchi welcomes Khris Woodring, Senior Cybersecurity Architect at Syngenta, to explore the evolving challenges and opportunities in securing critical infrastructure. From his serendipitous journey into the field to actionable insights on workforce development, Khris shares how industries can overcome the persistent talent gap and drive proactive change in OT security.

    Key topics include:

    • The unique challenges of bridging IT and OT security.
    • Why workforce shortages hinder progress and how industry and academia can collaborate.
    • The importance of standardizing roles, frameworks, and terminology.
    • Stories of how early curiosity sparked a career in cybersecurity.

    Tune in for a passionate discussion on how to protect the systems that make modern life possible—and the steps we can take to secure a resilient future.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    54 mins
  • Guarding the Gateways: Tackling IoT Vulnerabilities in Critical Systems with Joel Goins
    Nov 5 2024

    Businesses and government organizations have seen threats to critical US infrastructure on the rise in recent years, particularly within IoT and OT systems, posed by cyberattacks, notably from state actors like Iran. With that context, Joel Goins, a veteran of manufacturing, oil and gas, and OT security at large, talks with John Vecchi about the critical need for enhanced security measures for data centers and other vital components, the vulnerabilities present in IoT devices, and the essential steps companies must take to safeguard against both traditional and emerging cyber threats.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    45 mins
  • From Vulnerabilities to Visibility: Enhancing OT Network Security with Michael Lester
    May 28 2024

    Explore the intricate challenges and solutions in managing OT cybersecurity, particularly emphasizing the importance of active querying over passive deep packet inspection, with Michael Lester, Senior Product Security Engineer at Rockwell Automation! Lester underscores the necessity of segmenting networks, improving visibility, and fostering collaboration between IT and OT teams to mitigate risks and enhance security. His journey, from passionate mentorship to pursuing a PhD, exemplifies a commitment to advancing industrial cybersecurity frameworks and education.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    45 mins
  • Navigating the Convergence: Securing OT in a Connected World
    May 14 2024

    In this episode, we're diving deep into the world of Operational Technology (OT) and IoT security, exploring the critical challenges and evolving threat landscape that are impacting sectors from manufacturing to critical infrastructure and healthcare. With insights from Patrick Gillespie, an OT expert at GuidePoint Security, we'll discuss the convergence of IT and OT systems, the risks introduced by COVID-19, and the advanced solutions from providers like Phosphorus that are combatting these threats. Patrick also sheds light on his personal journey from military service to a cybersecurity career, and the essential steps organizations should take to bolster their OT security, from embracing cyber hygiene to implementing robust security programs. Join us as we uncover the pressing issues facing IoT security today and how innovations are driving a safer, more secure operational environment.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    44 mins
  • Unlocking Resilient Cybersecurity Solutions in Healthcare and Beyond with Jason Taule
    Feb 20 2024

    Are you curious about the evolving world of cybersecurity, virtual CISOs, and their vital role in different industries? In this episode, Brian and John are joined by cross-vertical vCISO Jason Taule, who brings a wealth of experience and insights from his diverse career in the field as one of the first CISOs...ever. From working with federal agencies like NASA to serving as a virtual CISO for agriculture, heavy manufacturing, and healthcare organizations, Jason offers valuable perspectives on the unique security challenges faced across different sectors.


    Throughout the episode, Jason discusses the evolving role of the Chief Information Security Officer (CISO) in various industries. He highlights the intricacies of implementing cybersecurity measures in sectors like healthcare, where specific jargon and risks come into play.

    The conversation also goes into the complexities of managing operational technology (OT) and IoT security, emphasizing the need for improved third-party access control and a better understanding of firmware vulnerabilities. Additionally, the episode explores the impact of regulations, financial pressure, and the evolving threat landscape on organizations' engagement with security.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    1 hr and 1 min
  • Securing Critical Infrastructure: Challenges and Strategies with Sean Tufts
    Feb 6 2024

    Sean Tufts is in the house, and we ask him to go all the way back. All the way. From his origins to the evolving challenges and security needs in IoT and OT environments, particularly in critical infrastructure. Your hosts, Brian Contos and John Vecchi, engage in a thought-provoking conversation with special guest Sean Tufts from Optiv. The discussion goes into Tufts' background, from his transition from an NFL player to a cybersecurity and critical infrastructure expert, to managing substantial programs at Optiv. Sean touches on the changing landscape of critical infrastructure, the challenges of IoT and OT security in the wake of COVID-19, and the evolving tactics in cyber attacks. He also shares insightful anonymized stories of cyber incidents, emphasizing the importance of effectively addressing vulnerabilities in IoT devices and legacy systems to mitigate risks.

    After listening to the episode, be sure to subscribe to the Phosphorus IoT Security Podcast to stay updated on evolving cybersecurity challenges and strategies in the IoT and OT space. Share this impactful episode with colleagues and peers involved in securing critical infrastructure to spark insightful conversations and proactive measures for vulnerability management.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    45 mins
  • The Evolution of Hacking: From Counterculture to Cybersecurity with John Threat
    Jan 23 2024

    Content Warning: This episode contains explicit language and references to criminal activity.
    In this episode, Brian and John are joined by a very special guest—John Threat, also known as John Lee, a veteran of the Great Hacker War and known as "Corrupt" from the early 90s hacking group MOD (Masters of Deception). We dive into the fascinating origins and culture of hacking, with John Threat sharing his experiences from the '80s all the way to the present day and the excitement of exploring and breaking into systems. The discussion also explores the evolution and loss of excitement in the hacking culture, the potential impact of AI and machine learning, and the changing threat landscape. From the deep camaraderie within hacking groups and the diversity of the MOD team in the 90s to the potential ethical and legal implications of new technologies, this episode is set to be a thought-provoking and riveting journey into the world of cybersecurity and hacking.

    You can follow John Threat on Instagram at @johnthreat or follow his work at http://www.rip.space and http://www.johnthreat.com.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    40 mins
  • The "Original Cyber-Physical System": Legacy Devices and Key Trends in OT Cybersecurity
    Nov 21 2023

    She's no slacker. Danielle Jablanski has been an "expert" — she hates that word — in nuclear policy analysis (the "original Cyber-Physical System"), energy research, and now Nozomi Networks, where she plays the crucial OT cybersecurity strategist role.

    John Vecchi and Brian Contos pick Danielle's brain on the ever- and never-changing trends and challenges, digging into the need for consequence-based security and collaboration between security professionals and OT engineers. The discussion also covers the growing concern about the security of IoT devices in OT environments, the importance of centralizing and managing security, addressing the issues surrounding legacy devices, and the evolving landscape of liability and insurance in cybersecurity.

    Key Topics Covered:
    1. Trends in cybersecurity and the importance of consequence-based security
    2. Concerns about the security of IoT devices in OT environments and the role of centralization and management
    3. Challenges with legacy devices in ICS and healthcare and the need for building controls and defense-in-depth
    4. Evolving conversations about liability and insurance in cybersecurity

    After tuning in to this episode, subscribe to the IoT Security Podcast, powered by Phosphorus, to stay informed about the latest trends and insights in IoT security.



    Let’s connect about IoT Security!

    Follow John Vecchi at https://www.linkedin.com/in/johnvecchi

    The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

    Show More Show Less
    33 mins