In this episode, host Aaron Crow welcomes cybersecurity expert John Schimanski Jr., Chief Information Security Officer at Trivigil, for an eye-opening conversation that every parent, educator, and technologist needs to hear. Together, they delve into the escalating dangers children face online - from the alarming rise of cyber predators and social media manipulation, to the misuse of AI and increasingly sophisticated scams targeting families.

John shares powerful stories from his work with educational institutions and law enforcement, highlighting how digital threats are evolving far faster than most parents can keep up with. Aaron reflects on personal challenges as a parent navigating device safety and digital boundaries, and the two discuss practical strategies for protecting kids in today’s hyper-connected world.

This episode doesn’t just explore the risks - it offers hope and tangible action, including details about cybersecurity education initiatives like the MASK Next Gen Shield game, designed to give kids and parents the knowledge they need to stay safe online. Whether you’re a concerned parent, a teacher, or someone working in the cybersecurity field, this discussion is packed with real-world advice and resources you can use right now.

Tune in for a timely conversation on the front lines of digital safety—and learn why, when it comes to protecting our kids, awareness and action are more important than ever.

Key Moments:

05:00 Digital Image Blacklist Management

08:08 Parental Cybersecurity and Tech Awareness

10:06 Fake Arrest Warrant Scam Alert

13:27 AI Development Concerns and Future

21:13 Online Predator Alert & Teen Safety

25:33 Limits of Facebook Moderation

27:29 Managing Digital Challenges for Parents

30:46 Teen Sextortion Crisis Emerges

33:44 "Saving Kids Amidst Social Media"

42:23 Broken Graphics Card Issue Resolved

45:33 Internet Safety Tips for Parents

49:43 Pause Before Reacting

51:17 Future Concerns and Optimism

56:46 "Essential Curriculum for Schools"

About the guest :

John Schimanski Jr. brings more than three decades of experience in physical and cybersecurity, spanning private and public sectors. Beginning his career in 1994, he worked as a physical security specialist protecting super-regional shopping centers in high-crime areas, focusing on stolen vehicles and safety operations. During this time, he earned two master’s degrees—one in Criminal Justice and Security Administration and another in Managing Information Systems—along with a bachelor’s in Business Administration.

He transitioned into cybersecurity in 2007, when ransomware was still a $5,000 payment on a green dot credit card. While working in a small data center, he developed customized web services and interfaces for organizations such as the Las Vegas Motor Speedway and Electric Daisy Carnival (EDC).

In this episode, host Aaron Crow sits down with cybersecurity leader and National Guard threat hunt team lead Christopher Ross, diving into the real-world experiences that shape careers in the intersecting worlds of IT and OT security. Chris shares his 18-year journey from joining the military with a passion for computers to leading critical infrastructure cybersecurity efforts - both in uniform and in the private sector. Together, Aaron and Chris break down myths about gatekeeping, discuss the unique challenges of military versus civilian roles, and highlight lessons learned along the way.

From imposter syndrome to servant leadership, the conversation unpacks how effective communication, continuous training, and the willingness to learn from failure fuel professional growth. Chris also reflects on how military training instills risk mitigation and teamwork, and how those skills can translate - and sometimes clash - with civilian cybersecurity cultures. They talk certifications, hands-on learning, the importance of meaningful tabletop exercises, and the evolving landscape as AI powers both attackers and defenders.

Whether you’re a veteran, a fresh analyst, or just passionate about cybersecurity, this honest and energetic exchange will leave you motivated to keep learning, keep growing, and keep protecting it all. So grab your energy drink and tune in for a conversation that proves everyone in cyber, no matter their path, has wisdom worth sharing.

Key Moments:

05:30 Military Adventures Surpass Civilian Opportunities

07:28 Military vs. Civilian Leadership Dynamics

10:42 Clarifying Civilian vs Military Missions

12:22 Leadership: Addressing Miscommunication & Misalignment

15:45 Toxic Leadership and Military Transition

20:01 Reliance on Tools vs. Core Skills

22:29 "Forgotten Skills Fade Over Time"

25:13 Boosting Confidence in New Roles

29:42 Interactive Training and Environmental Protection

32:37 Purple Teaming Strategy Insights

36:15 Persistence in Skill Development

39:04 Soft Skills Matter for Career Growth

42:44 "Technical & Business Acumen Fusion"

44:41 Military: Career Value and Benefits

48:09 "Cyber Education for K-12"

Resources Mentioned :

https://www.ransomware.live/

• comprehensive resource that tracks and monitors ransomware groups and their activities.

https://ransomwhe.re/

• tracks ransomware payments by collecting and analyzing cryptocurrency addresses associated with ransomware attacks.

https://www.ransom-db.com/

• real-time ransomware tracking platform that collects, indexes, and centralizes information on ransomware groups and their victims.

About the Gu...

In this episode, host Aaron Crow is joined by Kathryn Wang, Principal of Public Sector at SandboxAQ, for a wide-ranging and candid conversation about the critical role AI and quantum technology are playing in today's cybersecurity landscape.

Kathryn and Aaron break down complex concepts like quantum cryptography and the growing risks of deepfakes, data poisoning, and behavioral warfare - all with real-world examples that hit close to home. They dig into why cryptographic resilience is now more urgent than ever, how AI can both strengthen and threaten our defenses, and why your grandma shouldn’t be left in charge of her own data security.

From lessons learned in power plants and national defense to the nuances of protecting everything from nuclear codes to family recipes, this episode dives deep into how we can balance innovation with critical risk management.

Kathryn shares practical advice on securing the basics, educating your network, and making smart decisions about what truly needs to be connected to AI. Whether you’re an IT, OT, or cybersecurity professional—or just trying to keep ahead of the next cyber threat - this episode will arm you with insights, strategies, and a little bit of much-needed perspective. Tune in for a mix of expert knowledge, humor, and actionable takeaways to help you protect it all.

Key Moments:

04:02 "Securing Assets in Post-Quantum Era"

07:44 AI and Cybersecurity Concerns

12:26 "Full-Time Job: Crafting LLM Prompts"

15:28 AI Vulnerabilities Exploited at DEFCON

19:30 AI Data Poisoning Concerns

20:21 AI Vulnerability in Critical Infrastructure

23:45 Deepfake Threats and Cybersecurity Concerns

28:34 Question Everything: Trust, Verify, Repeat

33:20 "Digital Systems' Security Vulnerabilities"

35:12 Digital Awareness for Children

39:10 "Understanding Data Privacy Risks"

43:31 "Leveling Up: VCs Embrace Futurism"

45:16 AI-Powered Personalized Medicine

About the guest :

Kathryn Wang is a seasoned executive with over 20 years of leadership in the technology and security sectors, specializing in the fusion of cutting-edge innovations and cybersecurity strategies.

She currently serves as the Public Sector Principal at SandboxAQ, where she bridges advancements in post-quantum cryptography (PQC) and data protection with the mission-critical needs of government agencies. Her work focuses on equipping these organizations with a zero-trust approach to securing sensitive systems against the rapidly evolving landscape of cyber threats.

During her 16-year tenure at Google and its incubator Area120, Kathryn drove global efforts to develop and implement Secure by Design principles in emerging technologies, including Large Language Models (LLMs) and Generative AI.

How to connect Kathryn :

https://www.linkedin.com/in/kathryn-wang/

<...

Welcome to another episode of Protect It All, where we dive deep into the world of IT and OT cybersecurity! In this episode, host Aaron Crow sits down with Patrick Gillespie, OT Practice Director at GuidePoint Security, for a candid conversation that's as insightful as it is relatable. Patrick, whose journey has taken him from working in manufacturing and building freight trains to leading OT security initiatives, shares real-world stories about the challenges and realities of protecting operational technology.

Together, Aaron and Patrick discuss the blurred lines between IT and OT, the importance of understanding business priorities in security, and why collaboration rather than heavy-handed mandates makes all the difference in securing critical infrastructure.

Whether you’re a seasoned professional or just getting started in cyber, you’ll come away with practical insights on risk management, building trust with operations teams, and the vital role of mentorship in developing the next generation of OT security experts.

Stay tuned for a grounded, actionable conversation that reminds us all: when it comes to securing the intersection of IT and OT, it’s about more than just technology -it’s about people, process, and the bigger business picture.

Key Moments:

05:53 IT and OT System Confusion

07:43 Implementing Fortigate and Managing Risks

11:21 Outdated Systems and Patch Challenges

15:43 Comprehensive Onsite Assessment Toolkit

17:56 AI or Traditional? Balancing Approaches

21:16 "Securing OT: Remote Access and Training"

25:47 Cybersecurity Skill Growth Forecast

26:38 "Mentorship in Cybersecurity Careers"

30:22 Understanding Your Network Setup

35:39 Balancing Security and Accessibility

36:09 Leveraging Operational Team Buy-In

39:27 IT Budget Prioritization for OT Needs

42:44 Challenges in OT Security Adoption

46:56 Tech Growth & Infrastructure Expansion

About the Guest :

Patrick Gillespie has spent over 15 years immersed in the world of cybersecurity, with the last three and a half years serving as the OT Practice Director at GuidePoint, a leading value-added reseller specializing in cybersecurity products.

At GuidePoint, Patrick leads a dedicated team of OT engineers focused on securing both operational technology (OT) environments and the rapidly growing array of IoT devices. Recognizing that clients often CISOs may not directly own OT assets or remediation processes, Patrick excels at bridging the gap between IT security leaders and their operational counterparts, such as plant managers and controls engineers.

Through his work, Patrick guides organizations to understand and address the unique challenges of OT security, helping them build collaboration across teams to strengthen their overall cyber defenses.

How to connect Patrick :

GuidePoint Security University: https://www.guidep...

In this episode, host Aaron Crow sits down with longtime friend and colleague Scott Rosenberger, the cybersecurity leader for Vistra Corporation’s generation fleet. Together, they take a deep dive into Scott’s fascinating journey from an engineering background in nuclear power to overseeing cybersecurity across a sprawling, nationwide utility portfolio.

You’ll hear insightful stories from the early days of OT cybersecurity - before most of today’s tools even existed - and how foundational principles like alignment, engagement, and standardization have driven years of progress.

Scott and Aaron reflect on the importance of building cross-disciplinary teams, developing strong communication strategies, and embracing the reality that real security is about continuous improvement, collaboration, and sometimes learning from mistakes.

From tales of rolling out firewalls at power plants and negotiating with skeptical vendors, to lessons in leadership, trust-building, and the ever-evolving challenges of protecting critical infrastructure, this episode is packed with practical wisdom, industry anecdotes, and a look at what’s coming over the cybersecurity horizon. Whether you’re just entering the field or a seasoned pro, grab your headphones - you won’t want to miss this candid, insightful conversation.

Key Moments:

04:37 Bridging IT and Cybersecurity

08:40 Revolutionizing Program Development Together

10:08 Building Consensus Through Communication

12:33 "Business Insights and NERC SIP Evolution"

17:18 Utility's Major Implementation Challenge

20:08 Corporate Cybersecurity Challenges Uncovered

21:58 "Automated Inventory and Cybersecurity Insight"

27:21 Optimizing Cybersecurity and Metrics

30:56 Essential Infrastructure Basics Lacking

34:17 "Identifying and Resolving Hidden Issues"

37:21 Encouraging Change in Industrial Practices

42:11 "Finding the Right Team Mindset"

46:11 "Importance of Pre-Job Briefs"

About the guest:

Scott Rosenberger is currently the manager of Operational Technology for Luminant. He developed the Luminant program to address the reliability, security and ongoing maintenance of Operational Technology for Luminant’s Fossil Generation Fleet. He has a Bachelor of Engineering from Stevens Institute of Technology and is a registered professional Engineer in Texas. In his 23+ years with Luminant he has worked in nuclear and fossil plants, many corporate roles and for 3 years as Director of IT Security and Compliance. Scott also spent 3 years as a member of the NERC CIP drafting team.

Links to connect Scott:

https://www.linkedin.com/in/scottrosenberger/

Connect With Aaron Crow:

• Website: www.corvosec.com

In this episode, Aaron returns from an action-packed week at Black Hat and DEFCON in the sweltering heat of Las Vegas. He shares his firsthand impressions on the changing atmosphere of these legendary conferences, from skyrocketing prices to a slightly thinner crowd, and digs into hot topics like the surge in AI discussions and the ongoing clash of perspectives between IT and OT professionals.

Aaron also highlights the unmatched energy and camaraderie in the DEFCON villages—especially the ICS Village—and offers a sneak peek at exciting upcoming events, such as ResetCon and Lone Star Cyber Shootout.

Whether you’re a conference veteran or just OT-curious, this episode is packed with personal stories, industry trends, and tips for making the most out of these must-attend cybersecurity gatherings. Tune in and get ready to protect it all!

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: info@protectitall.co
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at info@protectitall.co

Please leave us a review on Apple/Spotify Podcasts:

Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

Welcome back to Protect It All, the podcast where host Aaron Crow goes beyond the basics of OT to explore the dynamic intersection of IT and OT cybersecurity. In this episode, Aaron takes us inside a hacker summer camp in Las Vegas - home to industry giants Black Hat and DEFCON, where tens of thousands of security professionals gather each year.

Drawing from his years of experience attending these events, Aaron unpacks the good, the bad, and the ugly of the conference circuit: from the value of in-person networking and the buzz of vendor events, to the challenges of ROI, overwhelming hype, and the evolving role of sponsors.

Plus, he shares hard-won tips for making the most of Vegas - including how to find your tribe, engage meaningfully with vendors, and stay cool (literally and figuratively) amidst the chaos.

Whether you’re a first-timer or a seasoned attendee, this episode is packed with honest insights and actionable advice to help you navigate the ever-evolving world of cybersecurity conferences.

Key Moments:

03:05 Networking’s Importance in Vegas

08:29 Evaluating Black Hat Conference ROI

12:17 "CISOs' Discreet Presence at Vendor Events"

13:22 Buzzword Overload at Conferences

18:40 Relationship-Driven Sales Strategy

21:02 Balancing Conference Costs and Value

25:44 "Prioritize Genuine Leads Only"

27:05 Enhancing Cybersecurity Events

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: info@protectitall.co
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at info@protectitall.co

Please leave us a review on Apple/Spotify Podcasts:

Apple - https://podcasts.a...

In this episode, host Aaron Crow is joined by Kam Chumley-Soltani, Director of OT Security at Armis, for a candid conversation that dives into the ever-evolving landscape of OT (operational technology) and IT cybersecurity. After several rescheduling attempts across time zones and even parking lots, Aaron and Kam finally sit down to share their frontline experiences and insights from the world of critical infrastructure security.

From the increasing visibility of OT threats and the surge in regulatory requirements, to the convergence of IT and OT teams, they dig into what’s driving organizations to prioritize real-time visibility, risk management, and collaboration. Kam reflects on his diverse background in the military, at Cisco, Dragos, and now Armis, while Aaron draws on decades of experience leading teams across power plants and utilities in Texas. They both underscore the importance of people, process, and technology - reminding us that even the best tools are only as valuable as the teams that wield them.

The discussion explores the challenges smaller utilities face, balancing regulation with limited resources, and the need for cyber-informed engineering from the very start. Plus, they look ahead at the role of AI in cybersecurity, the daisy-chain effects of infrastructure attacks, and the importance of community and continuous learning in keeping ahead of the curve.

Whether you’re a cybersecurity veteran, just breaking into OT, or simply want to understand why your electricity bill matters, this episode is packed with anecdotes, practical advice, and a few laughs. So pull up a chair and get ready to protect it all!

Key Moments:

03:18 Cybersecurity Developments and Regulatory Changes

06:33 Demand for Consulting and Assessments

09:51 Future of Regulation and Community

13:06 Regulating Small Utilities Challenges

16:41 Cybersecurity in Critical Infrastructure

19:43 Simplifying Complex Issues for All

26:12 Embracing AI in Cybersecurity

27:39 "Embrace Challenges, Educate Yourself"

30:14 Cybersecurity Threats to Infrastructure

34:29 Evaluating Automated Alerting Systems

39:38 Controlled Network Configuration Risks

42:10 Underfunded Team: Multi-Skill Necessity

45:31 "Collective Progress and Contribution"

48:13 "Geopolitical Threats to Infrastructure"

About the guest :

Kam Chumley-Soltani serves as the Director of OT Solutions Engineering for the U.S. Public Sector at Armis, where he specializes in industrial cybersecurity. His expertise lies in designing secure and resilient network architectures for critical infrastructure environments.

Previously, Kam led Cisco’s OT Solutions Engineering team for the entire U.S. Public Sector, delivering end-to-end solutions across IoT/OT security, network architecture, diverse RF wireless deployments, embedded systems, and edge computing.

He has guided numerous global enterprises, federal agencies, and SLED organizations in architecting solutions that incorporate robust networking, cybersecurity controls, advanced threat dete...