In this episode, Dino and LuRae address why system integrators, OEMs, and ecosystem partners are often a manufacturer’s most underused cybersecurity resource.

Dino explains why many IT leaders lack real visibility into the plant floor, what it takes to operationalize OT security beyond “checking the box,” and why asset inventory is the first practical step toward protecting control systems.

The conversation also covers the realities of remote access after COVID, the need for governance measures such as change control and auditing, and why manufacturers should build real partner relationships rather than purely transactional vendor engagements.

Chapters:

• (00:00:00) OT security requires time inside the plant, not an “ivory tower” view
• (00:01:00) Introducing Dino and the topic: partners as a cybersecurity asset
• (00:02:00) Why OT assets get excluded from cybersecurity strategy
• (00:03:00) The real opportunity: system integrators and OEMs already in the plant
• (00:05:00) Getting started: identify who’s working in each facility
• (00:08:00) Step one: accurate OT asset inventory and visibility
• (00:10:00) Remote access: detect, audit, and control what partners are doing
• (00:12:00) “Compliance” vs. operational reality on the plant floor
• (00:16:00) Resourcing reality: why most teams cannot self-perform OT security
• (00:20:00) Final advice: budget, ROI of downtime, and act before the incident

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Most cybersecurity teams treat patching like a universal fix. In manufacturing, that assumption can take down a production line, trigger a safety event, or void the warranty on a $2 million piece of equipment.

In this episode, Dino Busalachi and Craig Duckworth break down why patching in operational technology environments is a fundamentally different problem than patching enterprise IT — and why closing that gap requires more than just pushing an update.

The bottom line: A firewall is not a patching strategy. Neither is hoping your systems are isolated. Organizations that get this right use risk-based prioritization, lab testing, virtual patching, and real collaboration between IT and OT teams.

If you are responsible for a plant floor — or for the people who are — this conversation is for you.

🎙️ Industrial Cybersecurity Insider is where C-suite leaders, plant managers, engineers, and security teams come to close the gap between IT and OT.

🔔 Subscribe so you never miss an episode.

Chapters:

• (00:00:00) Why assessing OT cybersecurity posture and asset visibility is hard
• (00:01:00) IT patches constantly, OT rarely does, and why that gap matters
• (00:03:00) Downtime costs: a broken patch in OT can stop the entire plant
• (00:05:00) OEM “don’t touch it” policies and warranty pressure
• (00:08:00) M&A due diligence: buying plants without knowing the cyber condition
• (00:09:00) CrowdStrike outage example and why agent-based tools are risky in OT
• (00:10:00) Virtual patching: protecting PLCs and legacy assets you cannot patch
• (00:14:00) Vendor guidance, upgrade rewrites, and “acceptable risk” decisions
• (00:17:00) Hidden exposure: guest Wi‑Fi, tablets, remote access, and “air gaps”
• (00:20:00) Best practices: inventory, continuous monitoring, vulnerability metrics, and cross-team alignment

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino and Craig break down what they are seeing in real industrial environments as companies begin the OT cybersecurity journey. They outline why most organizations are still in an “unaware to awareness” phase, what creates the “oh wow” moment after the first pilot, and why ownership and execution often falls to plant-floor teams and their OEM and integrator partners.

The conversation covers the limits of surface-level visibility, why accurate asset inventory and remote access control are foundational, and how practical constraints like flat networks, legacy switches, warranty concerns, and limited human capital can stall progress.

They also share cautionary examples of IT-first security tooling causing operational impact, and they close with a clear message: think globally, act locally, and build a defensible OT program that matches how plants actually run.

Chapters:

• (00:00:00) Why OT vulnerabilities and remote access are the real “kicker”
• (00:01:00) The market reality: 60% unaware, 30% starting, 10% operationalized
• (00:03:00) Who owns remediation: IT vs OT and the plant-floor accountability gap
• (00:05:00) Why “visibility” often stops at Purdue Level 3 and misses Level 2 assets
• (00:07:00) OEMs, integrators, and why support models matter in OT cybersecurity
• (00:09:00) Flat networks, north-south traffic, and why you still miss panel-level devices
• (00:11:00) The human capital problem and why outsourcing is often unavoidable
• (00:18:00) A real-world warning: EDR in ICS can create massive operational cost
• (00:20:00) Safety, quality, and cybersecurity: the three things leaders will fund
• (00:24:00) Change management failures and why monitoring PLC edits matters

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!