Cassie Crossley on Hardware Security, HBOMs

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Danielle Jablanski on Critical Infrastructure ProtectionPub date: 2025-05-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDanielle Jablanski, Industrial Control Systems Strategist & Subject Matter Expert at CISA, joins the Nexus podcast to discuss her perspectives on critical infrastructure protection and government's role as a cybersecurity partner on implementation guidance and enablement. Danielle touches on a number of areas of CI security and protection, ranging from the challenges arising from the high percentage of private sector ownership of critical infrastructure, to the assistance available from CISA and other agencies to lesser-resourced entities in the 16 CI sectors. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Government Information Security Podcast (LS 27 · TOP 10% what is this?)Episode: Mature But Vulnerable: Pharmaceutical Sector's Cyber RealityPub date: 2025-05-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPharmaceutical companies typically have more mature cyber programs than other healthcare factions, but these firms also face unique risks involving their large attack surfaces, complex manufacturing, supply chains and sensitive intellectual property, said Joshua Mullen of Booz Allen Hamilton.The podcast and artwork embedded on this page are from GovInfoSecurity.com, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrie neu gedacht - ein Tech-Podcast von Bosch RexrothEpisode: Cyber Resilience Act (CRA) - no time to waitPub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe CRA is keeping the industrial sector busy. We speak to two experts: Michael Langfinger and Sebastian Krauskopf. They both work for Bosch Rexroth and explain to us what machine builders need to look out for. More about the topic: https://www.boschrexroth.com/en/de/industries/hydrogen/ Do you already know the Rexroth blog If you have any questions, please contact us: vertrieb@boschrexroth.de Produced by Bosch Rexroth AG, Sales Europe Centre Susanne NollThe podcast and artwork embedded on this page are from Bosch Rexroth AG, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Cassie Crossley on Hardware Security, HBOMsPub date: 2025-05-07Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSchneider Electric Vice President of Supply Chain Security Cassie Crossley joins the Nexus Podcast to discuss the nuances of hardware security and the growing need for hardware bills of materials (HBOMs) within critical infrastructure.Cassie covers the use cases and features that matter most within an HBOM, some of the threats and weaknesses they can illuminate for users, and how they can change the current status quo for CI sectors that have concerns about the provenance of hardware components and the threats they pose. Cassie is an experienced cybersecurity technology executive in information technology and product development and author of “Software Supply Chain Security: Securing the End-to-End Supply Chain for Software, Firmware, and Hardware.”Listen and subscribe to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: How to implement Zero Trust in OT environments? | OT Security Made SimplePub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationZero Trust expert Stefan Sebastian talks us through the process of Zero Trust in critical OT networks like substations - and explains why this will be the make segmentation obsolete.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Automation World Gets Your Questions Answered (LS 24 · TOP 10% what is this?)Episode: How Digital Twins and Cybersecurity Impact Safety Risk AssessmentsPub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAndrew Harris with system integrator ACS explains how cybersecurity fits in with equipment safety as part of a risk assessment, and the use of digital twin tech and safety PLCs as part of the safety risk assessment process.The podcast and artwork embedded on this page are from Automation World, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrie neu gedacht - ein Tech-Podcast von Bosch RexrothEpisode: Cyber Resilience Act (CRA) - keine Zeit zu wartenPub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDer CRA beschäftigt die Industrie. Wie sprechen mit zwei Experten: Michael Langfinger und Sebastian Krauskopf. Sie arbeiten beide für Bosch Rexroth und erklären uns, worauf Maschinenbauer achten müssen, wie Bosch Rexroth unterstützt. Kennen Sie schon den Rexroth-Blog Wenn Sie Fragen haben, dann wenden Sie sich gerne an: vertrieb@boschrexroth.de Produziert von Bosch Rexroth AG, Vertrieb Europa Mitte Susanne NollThe podcast and artwork embedded on this page are from Bosch Rexroth AG, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Open Source Security (LS 38 · TOP 2% what is this?)Episode: Embedded Security with Paul AsadoorianPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRecently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/The podcast and artwork embedded on this page are from Josh Bressers, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Stuxnet to Colonial Pipeline What Have We Learned & What’s on the Horizon?Pub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino sits down with Mike Holcomb, Fellow and Director of ICS/OT Cybersecurity at Fluor, to explore the critical, and often overlooked challenges in securing operational technology. From his early fascination with hacking culture to leading OT security for one of the world’s largest engineering firms, Mike shares personal insights and lessons learned. The conversation covers the delayed cybersecurity maturity in OT environments and the lasting impact of the Colonial Pipeline breach.They address the crucial role of visibility, engineering partnerships, and cultural buy-in when building secure industrial systems. Whether you’re managing pipelines, power grids, or manufacturing floors, this episode delivers actionable insights and strategic foresight for leaders protecting our most vital infrastructure.Chapters:00:00:00 - Why OT Security Still Falls Behind00:01:03 - Mike Holcomb’s Unlikely Path to Cybersecurity00:01:23 - Hacking Curiosity and a Love for Breaking Things00:02:16 - From Network Admin to OT Defender00:03:08 - Stuxnet, Colonial, and the Wake-Up Calls We Ignored00:06:18 - When OT and IT Don’t Speak the Same Language00:12:14 - Threats Are Getting Smarter — Are We Keeping Up?00:26:29 - Evolving the Culture of Cyber Hygiene00:32:14 - Final Takeaways for Security LeadersLinks And Resources:Mike Holcomb on LinkedInIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Beyond Compliance Cybersecurity Insights With Blake Hoge and Aaron CrowPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crowe sits down with cybersecurity professional Blake Hoge for an unscripted deep dive into the world of IT, OT, and everything in between. In this engaging conversation, Aaron and Blake share their personal journeys through the cybersecurity landscape—from consulting roots and data center audits, to navigating third-party risk, compliance programs, and even some unforgettable experiences in global call centers and power plants.   This episode goes beyond the technicalities, exploring the importance of hands-on assessments, the unexpected vulnerabilities that linger in even the most sophisticated environments, and why fresh eyes are crucial for spotting hidden risks.  Aaron and Blake also open up about their favorite use cases for AI—both on and off the job, and how these evolving tools are reshaping everything from incident response planning to everyday productivity.   But it’s not all about cyber threats and compliance checklists. The conversation takes a thoughtful turn as the two discuss the vital role of mental health, physical wellness, and community in sustaining long careers in high-pressure fields. From rucking at dawn and cycling in Moab to decompressing at cyber shootouts and embracing new technologies, Aaron and Blake remind us that protecting it all starts with taking care of ourselves and each other. Join us for a lively, candid episode packed with actionable insights, relatable stories, and a reminder that cybersecurity is, above all, a people business.   Key Moments:    09:47 Power Plant Fire Recovery Chaos 13:36 Infrastructure Maintenance & Security Compliance 16:10 Access Control Testing Concerns 23:22 "Design Process: Theory vs. Reality" 31:22 Dynamic Incident Response Planning 33:07 Commitment to Security and Transparency 39:21 Customized Consultancy for Unique Needs 47:05 "Understanding Contract Essentials" 50:42 In-House AI to Safeguard Data 57:47 AI Simplifies Search and Booking 59:13 Mental Wellness Strategies in Tech 01:03:52 Fitness and Energy Through Activity 01:10:44 "Business is a People Endeavor"   About the guest :  Blake Hoge leads third-party security at Airbnb, strengthening partnerships, and founded AmplifyGRC to support small businesses in building security and trust. At Instacart, he developed and scaled security and trust programs and compliance programs. At Salesforce, he managed security for global data and call centers. With over a decade in governance, risk, and compliance, Blake holds CISA, CDPSE, and PMP certifications, reflecting his expertise. Blake lives in the greater Austin, Texas area, and enjoys connecting with other professionals locally.   How to connect Blake:  Linkedin page: https://www.linkedin.com/in/blakehoge/ Company website: https://www.amplifygrc.com/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at [email protected]   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.