ניהול סייבר הוא הרבה דברים שהם מעבר להגנה, היכולת לעבוד מול כלל הגורמים בחברה ממשתמשי הקצה בנושא מודעות סייבר, דרך יצירת מרחב עבודה ושיתוף פעולה של גורמי מקצוע האחרים כגון: ניהול סיכונים, המחלקה המשפטית, מערכות המידע והרשימה עוד ארוכה. כול זה עוד לפני הצורך לתת מענה להיבטים העסקיים ועבודה שוטפת מול הנהלה ודירקטוריון.

הפעם בקשתי לפתוח את נושא ההנהלה בצורה רחבה יותר, מה קורה שאתה מקבל/לוקח עליך כסמנכ"ל את האחריות הניהולית למערכות המידע של החברה וכפל כפלים בחברה שהיא תשתיות קריטיות תחת רגולציות קשיחות.

נחשון פינקו מארח את עידן פלק סמנכ"ל הסחר ומערכות המידע של קבוצת אורות אנרגיה בשיחה על ראיית המנהל לאחר שנתיים וחצי מאז שלקח על עצמו את האחריות למערכות המידע ללא שום ידע בתחום. ההתמודדות עם מלחמה שהאתרי הייצור של החברה הם מטרה ברורה לתקיפה פיזית וקיברנטית.

ניהול סיכונים

בנית צוות

העבודה במסגרת ההנהלה הבכירה והדירקטוריון

גיבוש תקציב תחת "שמיכה קצרה" וסדר עדיפויות

ועוד

Cyber management is about much more than just protection. It’s the ability to work with every entity in the company, from end-users on cyber awareness to creating a collaborative workspace with other professionals, such as risk management, legal, IT, and more. All of this is even before addressing business aspects and ongoing work with senior management and the Board of Directors

This time, I wanted to explore the management aspect more broadly: what happens when you, as a VP, take on the administrative responsibility for the company's information systems, especially in a critical infrastructure company under strict regulation

Nachshon Pincu hosts Idan Flek, VP Chief Commercial Officer and Information Systems at the Orot Energy Group, for a conversation from a manager's perspective, two and a half years after taking on IT responsibilities with no prior knowledge of the field. Dealing with a war where the company's production sites are clear targets for physical and cyber attacks

Risk management

Building a team

Prioritizing cyber within senior management and the Board

formulating a budget under a 'short blanket' and shifting priorities

and more

In this episode of the (CS)²AI Podcast, host Derek Harp is joined by Jonathan Pollet, Marc Visser, and Bryan Singer for a deep-dive Q&A discussion following CS2AI’s January 21st community event on OT Monitoring, SOC operations, and Incident Response. Drawing on decades of hands-on experience across industrial environments worldwide, the panel expands on questions that couldn’t be fully addressed during the live sessions.

The conversation explores why OT monitoring and SOC capabilities must come before incident response, and how poor network architecture, lack of visibility, and organizational silos continue to undermine response efforts when incidents occur. Jonathan outlines the architectural foundations required to support effective detection, response, and recovery, while Marc emphasizes the practical realities of implementing OT monitoring—from working with factory engineers to reducing alert fatigue and building usable SOC workflows.

Bryan brings the incident responder’s perspective, sharing real-world insights from global OT incidents, including prolonged dwell times, ransomware impacts on production, and why organizations without proper segmentation and monitoring often experience the most severe and prolonged outages. The discussion also tackles common questions around Fusion SOCs vs. dedicated OT SOCs, the human challenges of translating OT data into actionable intelligence, and what asset owners should realistically expect from incident response retainers.

This episode is a must-listen for OT practitioners, security leaders, and asset owners looking to move beyond theory and understand what actually works in the field. Whether you are just beginning your OT monitoring journey or refining mature SOC and IR capabilities, this discussion offers practical guidance rooted in real operational experience.

OT security researcher Ben Book takes an unapologetic view on the state of OT security in manufacturing. He doesn’t blame anybody but provides a clear analysis of business dynamics and offers what many lack when talking OT security solutions: the right questions.

You can find more information on OT Security Made Simple at rhebo.com or send us your ideas, questions, or guest suggestions at podcast@rhebo.com.

Many devices on modern networks aren’t what their labels claim. This episode, Rob King, Director of Applied Security Research at runZero, explores white-labeled surveillance and IoT hardware, why some vendors are banned by governments, and how hidden risks can spread across enterprises. Discovery, device fingerprinting, and protocol analysis reveal what’s really connected—and why knowing your true inventory is now essential for security, compliance, and trust.

Welcome to the Policy Pulse Panel, a new monthly series within the Critical Assets Podcast. Hosted by Patrick Miller (Ampyx Cyber), Earl Shockley (CEO, Inpowerd), and Joy Ditto (CEO, Joy Ditto Consulting), this recurring panel dives into the most significant policy shifts and regulatory developments impacting critical infrastructure, operational technology (OT), and industrial cybersecurity. Each month, we unpack emerging legislation, agency actions, and standards updates - connecting the dots between policy and the practical realities faced by asset owners, utilities, vendors, and government partners. If you're trying to stay ahead of your auditors and your legislators, this is your monthly must-listen.

https://ampyxcyber.com/podcast/policy-pulse-regulatory-roundtable-nerc-cip-cybersecurity-strategy-ai-electric-sector