2026 ICS Security Predictions: What’s Next for Critical Infrastructure

Podcast: teissPodcast - Cracking Cyber Security (LS 31 · TOP 5% what is this?)Episode: teissTalk: 2026 predictions for OT security and the future of cyber physical systemsPub date: 2025-12-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationExploitable vulnerabilities within OT devices and how this is expected to changeCyber warfare risk in 2026 - how organisations can defend themselvesSecuring the supply chain and expanding XIoT attack surfaceThom Langford, Host, teissTalkhttps://www.linkedin.com/in/thomlangford/Jordan M. Schroeder, CISOhttps://www.linkedin.com/in/schroederjordan/Zia Ush Shamszaman, Senior Lecturer in Computer Science, Teesside Universityhttps://www.linkedin.com/in/zia-ush-shamszaman/Elliot Gidley, Field CTO EMEA, Clarotyhttps://www.linkedin.com/in/elliotgidleyThe podcast and artwork embedded on this page are from TEISS, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Automation World Gets Your Questions Answered (LS 25 · TOP 10% what is this?)Episode: Why Manufacturers Can’t Delay Industrial CybersecurityPub date: 2025-12-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationA look at how manufacturers are fighting ransomware and supply chain threats with AI-powered defenses, OT-IT collaboration, and new industrial cybersecurity technologies. Access the source documents for this podcast by visiting this podcast on the Automation Word site at https://www.automationworld.com/55338375The podcast and artwork embedded on this page are from Automation World, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CYBR.SEC.CASTEpisode: Diving (Pun Intended) into SCADA and Control Systems with Randy PetersenPub date: 2025-12-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, SJRA SCADA Superintendent and HOU.SEC.CON./OT.SEC.CON. speaker Randy Petersen joins Michal and Sam on the podcast to share his expertise on SCADA systems and the unique security challenges facing water facilities. They highlight real-world incidents and vulnerabilities in OT environments, offer practical advice for improving OT security and protecting essential services from cyber threats, and the importance of proactive defense strategies. Things Mentioned:OT.SEC.CON. Call for Papers - https://www.xcdsystem.com/cybrseccommunity/abstract/abstract.cfmCyber Centre warns hack tampered with pressure at Canadian water treatment plant -https://esemag.com/infrastructure/cyber-centre-warns-hack-canadian-water-treatment-plant/Randy's OT.SEC.CON. 2025 Presentation - "Network Asset Visibility Fundamental for OT Cybersecurity" - https://youtu.be/3tMGwnOFwhA?si=97bdtE6VROT8mZBrRandy’s HOU.SEC.CON. 2025 Presentation – “Change the Mindset - Availability is the Driving Factor” - https://youtu.be/tEUY3eeMGr8?si=K6bYUTp7rpPnvMatDo you have a question for the hosts? Reach out to us at [email protected] Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport or apply to our Scholarship Program:TAB Cyber FoundationSubscribe to the podcast: AppleSpotifyIn this episode:Host: Michael FarnumHost: Sam Van RyderGuest: Randy PetersenProduction and editing: Lauren AndrusMusic by: August HoneyThe podcast and artwork embedded on this page are from CYBR.SEC.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Energy Central (LS 29 · TOP 10% what is this?)Episode: How to protect a grid under siegePub date: 2025-12-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEvery utility leader wants to know: What can we do to protect an increasingly complex grid from security threats, both cyber and physical?This week on Power Perspectives, Adam Lee, Vice President and Chief Security Officer at Dominion Energy, sits down with host Kinsey Grant Baker to dissect the real, scalable strategies for defending the modern grid from today’s growing threats.And Adam is certainly an expert—complete with a distinguished security-focused background that brought him from FBI to the utility providing power to the Pentagon, naval bases, and some of the world’s most energy-intensive data centers.Listen in for a look at how Dominion is approaching cyber and physical security as a unified discipline and why partnerships across government, law enforcement, and the private sector are becoming essential to grid resilience.Signup for the Energy Central Daily Newsletter: https://energycentral.beehiiv.com/subscribeThe podcast and artwork embedded on this page are from The EC Network, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: RSACEpisode: Building Trust and Resilience Across the Future of Secure ConnectivityPub date: 2025-12-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAs 5G, IoT, and edge networks expand, secure connectivity defines digital trust. This session presents a practical roadmap for building resilience and governance into connected ecosystems. Using the proven CPD framework, this podcast will explore how leaders can embed commitment, preparedness, and discipline to ensure trust continuity. Dave Chatterjee, Visiting Professor, Pratt School of Engineering, Duke University Tatyana Sanchez, Content & Program Coordinator, RSAC Kacy Zurkus, Director, Content, RSACThe podcast and artwork embedded on this page are from RSAC, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: IT and OT Are Still Siloed - Here's Why That's DangerousPub date: 2025-12-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this rewind episode, Craig and Dino tackle a critical disconnect in industrial cybersecurity: the gap between IT teams deploying OT security tools and the plant floor teams who desperately need the data these tools collect.They reveal why 85% of data from industrial cybersecurity platforms is meant for OT personnel, yet rarely reaches them.The conversation exposes how organizations invest heavily in tools like IDS platforms but fail to share vulnerability data, asset inventories, and network intelligence with the system integrators, OEMs, and plant teams actually working on their control systems.Craig and Dino discuss the consequences of this siloed approach—from incomplete asset visibility to duplicated tooling—and offer practical guidance on achieving true IT-OT convergence.They emphasize that organizations must work with partners who can "build the car, not just buy it," and stress the importance of tabletop exercises, proper vendor vetting, and collaborative frameworks that include the entire industrial ecosystem in cybersecurity planning and execution.Chapters:(00:00:00) - The Growing Problem: OT Teams Lack Access to Critical Security Data(00:01:47) - IT-OT Convergence in Practice: Are We Really Doing It?(00:04:42) - Why IT Teams Keep Security Data Siloed from Plant Floor Partners(00:06:38) - The Consequence: System Integrators Bring Their Own Tools(00:08:38) - The Disconnect Between IT Security Tools and OT Reality(00:11:48) - How to Bridge the Gap: Questions System Integrators Should Ask(00:15:42) - Vetting Your Security Partners: Can They Build the Car or Just Buy It?(00:17:46) - The Three-Legged Stool: Why IT-Only Security Fails in Manufacturing(00:20:48) - Action Steps: Creating a Comprehensive List of Your Industrial Ecosystem(00:22:48) - Final Thoughts: Moving Beyond Security Theater to True CollaborationLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth Episode: 2026 ICS Security Predictions: What’s Next for Critical InfrastructurePub date: 2025-12-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAs industrial control systems become more connected, more Linux-based, and more exposed to IT-style threats, 2026 is shaping up to be a turning point for ICS security. In this end-of-year predictions episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder & CEO Joseph M. Saunders and CTO Shane Fry to discuss what will define ICS and critical infrastructure security in 2026. The episode explores a bold prediction: We will see a major ICS breach originating from a web application vulnerability running directly on an embedded control device. As full Linux operating systems, Node.js apps, and web servers increasingly appear inside OT equipment, long-standing IT vulnerabilities are colliding with systems that are difficult—or impossible—to patch. Joe and Shane dig into why detection-only strategies fall short in constrained, long-lived devices, and why secure by design engineering, memory safety, and runtime protections are becoming essential. They also discuss the importance of accurate, build-time Software Bills of Materials, especially as regulations like the EU Cyber Resilience Act push manufacturers toward transparency, accountability, and provable supply-chain visibility. Together, they cover: Why ICS exploitation is shifting from theoretical to operationalHow web app and RCE vulnerabilities are creeping into OT devicesThe limits of detection-only security strategiesWhy memory safety and runtime protections reduce exploitable riskHow build-time SBOMs improve vulnerability tracking and trustThe podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Arabia PodcastEpisode: Securing the Food Industry | 63Pub date: 2025-12-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this insightful episode, host Dr Sulaiman Alhasawi sits down with Adnan Ahmad, CISO at Ornua, the global dairy cooperative behind Kerrygold, operating 11 factories across Europe, the US, and Saudi Arabia.They dive into the unique world of OT security in food manufacturing, where:🔹 Production uptime & safety > cybersecurity (until something breaks)🔹 Equipment can be 10–50 years old — replaced only when broken🔹 A cyberattack could mean contaminated products, recalls, or brand damageAdnan shares how he leads both IT & OT security with a unified strategy based on IEC 62443 and ISO27001, emphasizing:✅ Asset visibility✅ Network segmentation✅ Joint IT-OT governance✅ Tailored training for floor workers to leadershipHe also discusses compliance under EU’s NIS2 Directive, the risks of recipe tampering via PLCs, and the need for stronger collaboration — especially in the Middle East.The podcast and artwork embedded on this page are from ICS ARABIA PODCAST, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: AI Isn’t the Answer: Why Cybersecurity Fundamentals Still Decide OT and IT SuccessPub date: 2025-12-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAI is everywhere - but it won’t fix broken cybersecurity foundations. In this end-of-year wrap-up episode of Protect It All, host Aaron Crow takes a hard look at the growing hype around AI in cybersecurity and explains why fundamentals still matter more than any shiny new tool, especially in OT environments. Drawing from real-world experience and industry observations, Aaron challenges the belief that AI can compensate for missing basics like asset inventory, network segmentation, and clear ownership. He reframes AI as a powerful assistant not a savior and warns against the risks of rushing into automation without understanding what you’re protecting in the first place. You’ll learn: Why basic cybersecurity hygiene still determines success or failure How AI fits best when foundations are already in place The dangers of shadow AI in OT and industrial environments Why asset visibility and segmentation remain non-negotiable How leaders should think about AI as a support tool - not a shortcut What OT and IT teams should prioritize heading into 2026Whether you’re closing out the year or planning ahead, this episode delivers a grounded, experience-driven perspective on building resilient cybersecurity programs—without chasing hype. Tune in to hear why mastering the basics is still the smartest cyber strategy - only on Protect It All. Key Moments:  03:32 "Technology Complexity vs. Practicality" 09:33 "AI as an Entry-Level Intern" 12:29 "AI: A Powerful Team Tool" 16:24 "AI Alone Won't Fix Cyber" 19:34 "Mastering Basics Before AI Integration" 21:46 "Shadow AI and Resilience" 25:26 "Addressing Gaps and Ownership" 30:27 "Foundations Matter for Success" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Arabia PodcastEpisode: Rail Cybersecurity & OT SOCs in the Middle East (Arabic) | 56Pub date: 2025-12-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this first-ever ICS Arabia Podcast episode focused on rail cybersecurity and OT Security Operations Centers (SOCs), I sit down with Omar Sherin, Consulting Partner at PwC Middle East and a pioneer in the region’s critical infrastructure protection.We explore:1- Rail-specific cyber threats and how OT SOCs are built to defend them2- Real-world challenges in the Middle East’s transportation sector3- National efforts to build security labs for firmware, SBOMs, and ICS hardware4- How Arab countries can strategically improve their OT cybersecurity postureThe podcast and artwork embedded on this page are from ICS ARABIA PODCAST, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.