OT After Hours
OT After Hours, a podcast about operational technology security, brings you candid conversations with ICS engineers and experts who get the unique challenges you face. Join us for unfiltered stories and advice from the front lines of industrial cybersecurity as we share best practices, lessons learned, and a few laughs along the way.
info_outline
Predictions, Old and New!
12/18/2025
Predictions, Old and New!
In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT), sits down with Natalie Kalinowski (Network & Cybersecurity Specialist), Lance Lamont (Special Projects & Protocols Team Lead), Zach Woltjer (Technical Account Manager), and Rick Herzing (Systems Support Analyst) The team reviews last year’s predictions for 2025 in industrial cybersecurity, confirming that most came true and discussing their impact on hybrid workforces, regulatory compliance, AI integration, dynamic detection, zero trust, legacy device security, monitoring, and third-party risks. They then discuss emerging cybersecurity threats and trends for 2026, focusing on AI-driven attacks, deep fakes, mandatory MFA, compliance enforcement, insurance-driven resilience, and ongoing supply chain risks. 2025 Predictions Reviewed Hybrid Workforce Risks: TRUE. The expansion of hybrid workforces has increased device risks, with companies adopting solutions like VPNs, MFA, and endpoint protection to mitigate new attack vectors. Regulatory Compliance Challenges: PARTIALLY TRUE. The vagueness of some regulations, the struggle for end users to translate them into actionable metrics, and the slow pace of regulatory change, leave much to be desired. AI Integration in Cybersecurity: TRUE. There has been growing use of AI in cybersecurity products. The SecureOT research team has found AI to be highly confident but only moderately accurate, underscoring the importance of human oversight. Dynamic Detection and Zero Trust: TRUE. The shift from signature-based detection to dynamic methods due to adaptive malware, has been ongoing for years. Zero trust policies have become more prevalent. Legacy Device Security and Obsolescence Planning: TRUE. The persistent challenge of securing legacy devices in industrial environments continues unabated. Monitoring and Third-Party Risks: PARTIALLY TRUE. Combining passive and active monitoring tools is not on track to become a standard in OT cybersecurity. But there is growing concern over third-party risks and the mitigation thereof, especially with new compliance requirements like the Cyber Resiliency Act. Predictions and Trends for 2026: AI-Driven Cyber Attacks: We can expect to see more end-to-end AI cyber attacks. There is potential for increased automation and sophistication, including lateral movement into OT environments. Deep Fakes and Social Engineering: We can expect to see an expansion in the ongoing threat posed by deep fakes and phishing, given the growing ease of generating convincing audio and images. Mandatory MFA and Compliance Enforcement: We are unlikely to see truly mandatory MFA adoption; that legal compliance and fines may well be necessary for widespread adoption, especially in OT. Insurance-Driven Cyber Resilience: Insurers may drive faster adoption of cyber hygiene practices by requiring verified resilience for coverage. Some companies may choose pay fines instead. Supply Chain and Open Source Risks: The threat of supply chain infections, especially with increased AI-generated code contributions, will grow in the year to come. Organizations should focus on retaining skilled software engineers to validate code. Subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/39456835
info_outline
Back from Automation Fair
11/26/2025
Back from Automation Fair
In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT), sits down with Natalie Kalinowski (Network & Cybersecurity Specialist), Tyler Bergman (Operations Team Lead) and Lance Lamont (Special Projects & Protocols Team Lead) to discuss the recently-concluded Rockwell Automation Fair. And if you weren’t able to attend Automation Fair, you can still find videos and presentations from it on . Key Takeaways Automation Fair is a major annual event held by Rockwell Automation, attracting both employees and customers. The event features workshops, tech demos, and product displays, not unlike a mini-CES for Rockwell, its partners, and its clients. Workshops ranged from basic controller programming to advanced topics like CPWE design with Cisco and Powerflex fundamentals. Keynotes are a valuable way to gauge Rockwell’s strategic direction, including the announcement of a $2 billion investment in a new greenfield facility in southeastern Wisconsin, set to open in 2028 as a showcase for automation, AI, robotics, and cybersecurity. Numerous robotics demos at the Automation Fair, including collaborative robots (cobots), multi-brand robot arm interoperability, and advanced material handling systems. Verve Industrial Protection has been rebranded to Rockwell Secure OT, which was a prominent presence in Rockwell’s display area. Lots of conversations at the SecureOT booth, discussing asset inventory, risk analysis, and the new risk scoring features, while engaging with customers and IT/OT professionals to address practical use cases and integration challenges. Vibrant event culture, including pin-collecting, and swag at the SecureOT booth, the role of casual interactions in networking, and the significance of shared spaces like the lunch hall in fostering connections among attendees. Timestamps 00:36 – Preamble and recording kickoff 00:56 – Introductions by Lance, Tyler, and Natalie 01:37 – What is the Automation Fair, and where was it held? 04:54 – Robots, cobots, and robot inter-operatbility 18:04 – Workshops, keynotes, and collectible pins 27:26 – Massive space for lunch...and networking 28:11 – FIRST Robotics and Student Mentorship 32:25 – The SecureOT Booth Experience 46:24 – Wrap-ups, more robotics, and final takeaways Subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/39181755
info_outline
Live from Verve Developers Gathering
10/30/2025
Live from Verve Developers Gathering
In this episode of OT After Hours, Lance Lamont, Special Projects & Protocols Team Lead, sits down with Tyler Bergman (Operations Team Lead) and Richard Melito (Senior Software Engineer) to discuss Richard’s history at Verve and now Rockwell, the development process for Verve’s software, and what standout features are in version 1.42 of the Verve Security Center (VSC). This episode was recorded at the end of September, but was under embargo until the release of VSC 1.42. Timestamps 00:00 – Introduction and explanation of episode embargo 01:46 – Introductions by Lance, Tyler, and Richard 03:07 – What is the Verve Development Gathering? 17:30 – Richard Melito’s career trajectory 27:11 – “Software With Consequences” - real-world impacts of critical software 30:54 – The Integrations team and what they do, and Richard’s current role 33:32 – Risk Management in VSC 1.42 and custom asset risk scoring 39:12 – Richard’s thoughts on software and application development 42:24 – Wrap-ups, future podcast ideas, and the challenges of marketing Subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 | | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/38847820
info_outline
The SkillBridge Path
08/28/2025
The SkillBridge Path
In this episode of OT After Hours, host Ken Kully, Systems Support Lead at Verve Industrial, sits down with Zach Woltjer and Connor Murphy, Technical Account Managers at Rockwell Automation to explore how the U.S. Department of Defense’s SkillBridge program is helping veterans transition into civilian careers in OT cybersecurity. Zach shares how his own journey through SkillBridge not only eased his transition out of the military but also inspired him to help set up the program at Verve. Connor recounts his path from military intelligence into OT security, proving that determination, adaptability, and soft skills can open doors—degree or no degree. Together, their stories highlight how military training and mindsets translate into critical skills for protecting industrial infrastructure. Key Takeaways SkillBridge as a bridge: A program designed to help military personnel transition smoothly into civilian careers, including cybersecurity roles. Soft skills are critical: Strategic thinking, adaptability, and communication—often honed in the military—translate directly to success in OT security. From intel to OT security: Zach and Connor share how experiences in military intelligence prepared them for cybersecurity careers. The value for companies: SkillBridge allows organizations to bring in talented veterans, “test drive” potential hires, and diversify teams with unique backgrounds. Degree not required: Connor’s success story emphasizes that curiosity, drive, and continuous learning matter as much as formal education. Timestamps 00:00 – Introduction and overview of career-focused mini-sodes 02:30 – Introducing Zach Woltjer and Connor Murphy 03:08 – What the SkillBridge program is and why it matters 07:40 – Zach’s path: military service, mentors, certifications, and SkillBridge experience 13:57 – Bringing SkillBridge to Verve and recruiting Connor into the program 17:20 – Connor’s journey: transitioning out of the Air Force, overcoming doubts, and gaining new skills 24:18 – How SkillBridge works for companies: processes, intermediaries, and benefits 32:29 – Why veterans should consider SkillBridge when transitioning out 34:52 – Challenges of shifting from military to civilian culture 36:34 – Final reflections on SkillBridge and its impact on careers in OT cybersecurity Guest Information Zachary Woltjer: Technical Account Manager at Rockwell Automation. A U.S. Air Force veteran who helped establish the SkillBridge program at Verve, bridging military expertise with civilian OT cybersecurity needs. Connor Murphy: Technical Account Manager at Rockwell Automation. An Air Force veteran who transitioned into OT cybersecurity through SkillBridge, now focused on supporting clients and advancing his cybersecurity career. Subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 | | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/38001920
info_outline
From a TRS-80 to OT Cybersecurity
08/22/2025
From a TRS-80 to OT Cybersecurity
In this episode, we trace the career of Tyler Bergman, Operations Team Lead at Rockwell Automation (formerly Verve Industrial), whose early fascination with computers and programming sparked a path that led through SCADA operations, utility cooperatives, and consulting before finding a home in OT cybersecurity. Join host Ken Kully, Systems Support Lead at Verve Industrial, as Tyler shares how persistence, hands-on experience, and a thirst for knowledge shaped his expertise—and why networking fundamentals are the backbone of OT security. Key Takeaways A lifelong passion for technology: From programming on a TRS-80 as a child to building custom systems for nonprofits, Tyler’s curiosity and drive shaped his technical foundation. SCADA and utility experience: Years spent in municipal and cooperative environments provided hands-on exposure to the OT landscape long before “OT security” was a defined field. The value of persistence: Earning a CCNA after multiple attempts showed the resilience required to keep advancing in cybersecurity. Networking as the cornerstone: Understanding networks and how devices present themselves is one of the most critical skills in OT security. Bridging OT and IT: Tyler’s background gave him unique insight into why protecting critical infrastructure requires a balance of availability, reliability, and security. Timestamps 00:00 – Early fascination with robotics, the TRS-80, and programming in BASIC 03:06 – High school years, military service, and starting a consulting business 05:46 – Transition into networking, SCADA operations, and pursuing certifications 12:01 – Cybersecurity experiences, OT systems, and utility cooperative work 14:03 – Joining Verve Industrial and focusing on OT cybersecurity 18:30 – Reflections on career path, lifelong learning, and excitement for future challenges Guest Information Tyler Bergman: Lead of the Field Deployment Team at Rockwell Automation (formerly Verve Industrial). With more than two decades of experience spanning SCADA operations, utilities, consulting, and networking, Tyler brings deep insight into the intersection of operational technology and cybersecurity. Passionate about hands-on problem solving, persistence in learning, and building secure critical infrastructure. Subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 | | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/37923460
info_outline
From Snowboarding Slopes to Securing OT Networks
08/15/2025
From Snowboarding Slopes to Securing OT Networks
In this episode, we follow the unique career journey of Natalie Kalinowski, Network & Cybersecurity Specialist at Verve Industrial, from teaching snowboard lessons to managing complex industrial network security. Join host Ken Kully, Systems Support Lead at Verve Industrial, as Natalie shares how international internships, early career programs, and continuous learning shaped her expertise—and her advice for anyone looking to break into OT security. Key Takeaways Career pivots can start anywhere—Natalie’s path began on the slopes and in hands-on engineering internships across the Dominican Republic and Germany. Rockwell Automation’s EDGE program provided foundational OT automation skills, bridging the gap from theory to real-world application. Continuous upskilling through certifications (CISSP, CCNA, FEMA courses) and self-directed study is key to keeping pace in a fast-evolving field. Strong communication skills—especially with global teams—are as critical as technical knowledge in OT security. For newcomers: pursue foundational certifications, gain experience in IT or OT support roles, and immerse yourself in industry news and terminology. Timestamps 00:00 – Introduction & early jobs: teaching snowboarding and discovering manufacturing 02:10 – Engineering studies at Marquette University & global internships (Dominican Republic, Germany) 04:15 – Why manufacturing offered the variety and challenge Natalie wanted 05:30 – Joining Rockwell Automation through the EDGE early-career program 07:20 – Gaining hands-on experience in networks, automation, and OT environments 09:00 – Transitioning to network and cybersecurity focus 10:15 – Rockwell’s acquisition of Verve and upskilling in cybersecurity 13:00 – Certifications and training: PSIRT, CVSS, CCNA, FEMA, CISSP prep 15:40 – Overcoming imposter syndrome and building communication skills 19:05 – Working with global teams and adapting communication for non-native English speakers 21:00 – Advice for newcomers: certifications, entry-level IT/OT roles, learning the lingo, and staying informed Guest Information Natalie Kalinowski: Network & Cybersecurity Specialist at Verve Industrial with a background in computer engineering, global manufacturing internships, and OT network design. Passionate about continuous learning, cross-cultural communication, and mentoring new entrants into the cybersecurity field. Subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 | | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/37832185
info_outline
From Embedded Developer to OT Protocol Sleuth
08/08/2025
From Embedded Developer to OT Protocol Sleuth
In this episode, we explore how an embedded-systems engineer became the leader of Verve’s Special Projects & Protocols team—and what his journey says about recruiting, culture, and continuous learning in OT security. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guest Lance Lamont, Manager for Special Projects & Protocols, as they discuss career pivots, protocol reverse-engineering, and building low-ego teams that thrive on curiosity. Key Takeaways Transferable skills matter: deep protocol expertise from product engineering can power OT-security research Flexibility attracts talent: “We want you for your skills, not your hours” sealed Lance’s mid-pandemic move to Verve Low ego, high curiosity: teams grow faster when members admit mistakes and chase answers together Diverse entry points strengthen outcomes: mixing maker-space tinkerers, robotics alumni, and anime-inspired problem-solvers yields broader perspective Timestamps 00:00 – Introduction and sound check 00:05 – From touch-screen drivers to a LinkedIn message that changed everything 02:45 – Turning down (then accepting) the offer: balancing parenting and remote work 05:20 – “Skill collector” mindset and early protocol wins 07:10 – Maker-space leadership and the value of empowering others 09:38 – Imposter feelings, confidence, and the culture of asking questions 11:30 – Hiring for curiosity and low ego: what Lance looks for in new team members 13:00 – Closing thoughts on continuous learning and career growth Guest Information Lance Lamont: Manager, Special Projects & Protocols at Verve Industrial. Former embedded developer (power tools, automotive, touchscreens) who now leads a multidisciplinary research team reverse-engineering OT communication protocols. Subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 | | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/37738270
info_outline
From Craft Cocktails to Control Systems
07/30/2025
From Craft Cocktails to Control Systems
In this episode, we trace an unlikely career pivot from fine‑dining bartender to the helm of Verve’s OT cybersecurity lab. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guest Andrew Wintermeyer, Team Lead, Device & Integration Research, as the latter discusses breaking into the field, learning on the fly, and why forgotten manuals can be more dangerous than zero‑days. Key Takeaways Curiosity compounds — an hour of self‑study each week can snowball into deep expertise. Real‑world OT risks often hide in “maintenance” passwords and long‑running configs. A safe testing lab accelerates learning and de‑risks production environments. Soft skills from hospitality — patience, improvisation — translate surprisingly well to cybersecurity. Timestamps 00:00 – Introduction 00:05 – Holiday bartending burnout sparks a career rethink 01:40 – Six‑week help‑desk contract at Madison Power & Electric turns into a year 02:40 – Landing at Verve as a COVID‑era lab assistant 03:13 – First solo day in the lab: imposter syndrome & safety scares 03:50 – The breakthrough that changed everything 04:59 – Finding your place in the field 05:20 – Sunday‑night learning ritual and compounding knowledge 06:30 – What happens in the field matters Guest Information Andrew Wintermeyer: OT Security Specialist and lead for Verve’s North American lab. Former bartender turned Java programmer, now wrangles PLCs, SCADAPack, and virtualization stacks to keep client environments safer. Subscribe Get in Touch 🔗 | | | I
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/37610640
info_outline
Lightweight Forensics With Verve Reporting
06/27/2025
Lightweight Forensics With Verve Reporting
In this episode, we take a look at how Verve Reporting, and in particular its ability to search and filter logs, can be useful for high-level forensic investigation. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Dustin Gogue (Technical Account Manager), Andrew Wintermyer (Team Lead, Device & Integration Research) and Zach Woltjer (ICS Security Specialist) as they dive into how Verve Reporting helped identify user account management and authentication issues. Key Takeaways Proper user account hygiene (especially timely user off-boarding) is a key component of a robust security strategy. Maintaining named user accounts for key personnel is important for non-repudiation during investigations. OT software is sometimes installed in a way that binds its services or application authentication to a particular user account, which can present a challenge when and if that user needs to be off-boarded. The ability to collect, filter, and search event logs quickly and easily is a key component of forensic and incident investigation. Timestamps 00:00 – Introduction and sound check 00:27 – Welcome to Season Two of OT After Hours 00:37 – Guest introductions: Dustin, Andrew & Zach 01:30 – Quick overview of what logs are 02:19 – Why logs are important to digital forensics 04:43 – Dustin steps through the process of investigating an influx of logs and discovering key issues 12:50 – Identifying an improperly off-boarded user account within the authentication logging data 13:30 – The complexities of user off-boarding in OT environments 16:32 – Zach on incorporating user account privileges and user employment status into risk calculations 24:15 – Value of the Verve Reporting platform and roundtable discussion 32:33 - Outtro and thank yous Guest Information Dustin Gogue: Technical Account Manager at Verve Industrial Andrew Wintermyer: Device & Integration Research Team Lead at Verve Industrial Zach Woltjer: ICS Security Specialist at Verve Industrial Subscribe Get in Touch | | | I
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/37182240
info_outline
The CIA Triad in OT & Automation
05/21/2025
The CIA Triad in OT & Automation
In this episode, we grapple with a deceptively simple question: in an operational technology environment, which element of the CIA triad—confidentiality, integrity or availability—should reign supreme? Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Analyst), Tyler Bergman (Industrial Cybersecurity Engineer) and Zach Woltjer (ICS Security Specialist) as they debate real-world incidents, legacy system constraints and industry priorities that shape how we secure critical infrastructure. Key Takeaways Availability often takes center stage in OT—downtime can cost millions and trigger regulatory shutdowns. Integrity attacks (like Stuxnet-style tampering) are scarier than outright outages: misleading data can hide dangerous conditions. Confidentiality matters too—information gathering paves the way for future, highly targeted attacks. In practice, availability and integrity are inseparable: validating data flow can bolster both pillars simultaneously. A holistic, risk-based “crown jewels” assessment helps organizations focus on the devices and data that matter most. Timestamps 00:00 – Introduction and sound check 00:43 – Welcome to Season Two of OT After Hours 01:06 – Guest introductions: Natalie, Tyler & Zach 04:00 – Defining confidentiality, integrity and availability 07:57 – Tyler on why availability skyrockets in OT environments 11:53 – Natalie on integrity attacks and the legacy of Stuxnet 25:05 – Ken and team explore integrity-based attack scenarios and encryption trade-offs 39:47 – Natalie on confidentiality’s long-term impact (Ukraine grid outages, HAVoC) 43:04 – Roundtable closing thoughts: tying availability & integrity together 47:12 – Outro and how to submit your questions Guest Information Natalie Kalinowski: OT Security Analyst at Verve Industrial, specializes in vulnerability management and threat research. Tyler Bergman: Industrial Cybersecurity Engineer at Verve Industrial, expert in SCADA availability and risk mitigation. Zach Woltjer: ICS Security Specialist at Verve Industrial, focuses on OT-IT convergence and strategic assessments. Subscribe Get in Touch | | | I
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/36658460
info_outline
To CVE or Not to CVE?
04/23/2025
To CVE or Not to CVE?
In this episode, we explore how often OT teams really need to refresh asset-inventory data and what MITRE’s near-miss funding lapse for the CVE program means for vulnerability management. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Specialist), Lance Lamont (Team Lead, Special Projects & Protocols), Andrew Wintermeyer (Senior ICS Architect), and Tyler Bergman (Principal Security Consultant) as they discuss scan cadences, change-detection value, and building redundancy into threat-intel pipelines. Key Takeaways Context drives cadence. Fan speed may need minute-level polling, firmware often does not. Redundancy is resilience. Blend NVD, CISA, MITRE, and vendor advisories to survive feed outages. CVE is a language, not the cure. Losing it wouldn’t add vulnerabilities, but it would cripple prioritization. Change detection turns inventory data into real-time alerts for unauthorized config tweaks. Timestamps 00:00 – Introduction and sound check 03:30 – Why “asset-data freshness” landed on today’s agenda 04:10 – MITRE CVE funding scare: what happened and why it matters 10:50 – OT vs. IT views on vulnerability backlog and enrichment 18:00 – Mapping scan frequency to business need 24:40 – Change management and configuration-drift detection 33:00 – Diversifying data sources beyond NVD 38:50 – The proposed “CVE Foundation” for long-term stability 42:40 – Building redundancy into threat-intel pipelines 44:50 – Listener poll results: hard-rock “Legacy Code” wins 46:15 – Sign-off and credits Listener Q&A We're happy to announce that the hard rock version of Legacy Code on the Conveyor Belt was far-and-away the fan favorite! ! Guest Information Natalie Kalinowski: OT Security Specialist at Verve Industrial; leads proof-of-value engagements and vulnerability mapping. Lance Lamont: VP, Solutions Engineering at Verve Industrial; directs driver development and asset-inventory strategy. Andrew Wintermeyer: Senior ICS Architect at Verve Industrial; designs secure network architecture for critical infrastructure. Tyler Bergman: Principal Security Consultant at Verve Industrial; focuses on risk prioritization and framework alignment. Subscribe Get in Touch | | | I
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/36280320
info_outline
Active vs. Passive
03/19/2025
Active vs. Passive
In this episode, we explore the complexities of asset management in operational technology (OT) security. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Tyler Bergman, Zachary Woltjer, Natalie Kalinowski, and Lance Lamont as they discuss the challenges of tracking and securing assets in industrial environments, the impact of legacy systems, and the best strategies for improving visibility and resilience. Key Takeaways Asset management is a foundational element of OT security, yet many organizations struggle with visibility. Manual, passive, and active asset discovery each have unique benefits and limitations. IT/OT convergence presents additional challenges in integrating and securing legacy systems. The right combination of asset discovery methods is critical for maintaining security and operational efficiency. Organizations must balance security with practicality when implementing asset inventory strategies. Listener Q&A for your favorite version of Legacy Code on the Conveyor Belt! Version 1: Version 2: Want to ask a question for the experts at Verve to answer? ! Timestamps 00:00 – Introduction and sound check 06:00 – Why asset management is critical to OT security 10:30 – The impact of legacy systems on asset visibility 15:20 – Manual asset discovery: Pros, cons, and best practices 22:10 – Passive asset discovery: Leveraging network traffic for insights 30:55 – Active asset discovery: Gaining deeper visibility without disrupting operations 40:30 – IT/OT integration challenges and strategies 50:10 – Closing thoughts and recommendations Guest Information Tyler Bergman: Operations Manager, providing insights into the practical challenges of cybersecurity in industrial environments. Zachary Woltjer: Customer Success Specialist at Verve Industrial, with expertise in helping organizations implement OT cybersecurity solutions. Natalie Kalinowski: Cybersecurity Specialist, bringing research-driven insights into network security and asset discovery. Lance Lamont: OT Security & Asset Management Expert, discussing best practices for inventorying and securing critical assets. Subscribe Get in Touch | | | I
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/35777145
info_outline
Asset Inventory
02/19/2025
Asset Inventory
In this episode, we explore the challenges and best practices for identifying and inventorying assets in operational technology (OT) environments. Join host Ken Kully, Systems Support Lead at Verve Industrial, along with guests Lance Lamont, Andrew Wintermeyer, Tyler Bergman, and Rick Herzing, as they discuss how to establish trust, safely discover assets, and navigate network complexities without disrupting operations. Key Takeaways Establishing Trust & Engagement: Successful asset identification starts with building relationships with site personnel, including ICS engineers and facility managers. Safe Asset Discovery Techniques: Using non-disruptive methods like passive network monitoring, ARP table collection, and targeted scans is key in OT networks. Common Challenges: Mismatched documentation, unknown legacy devices, and unconventional network setups often complicate the process. Collaboration is Crucial: Teams at Verve integrate expertise from research, engineering, and cybersecurity to ensure efficient and secure asset inventorying. Continuous Monitoring & Adaptation: The process doesn’t end with identification—maintaining an up-to-date inventory is an ongoing effort. Listener Q&A Want to ask a question for the experts at Verve to answer? ! Timestamps 00:00 – Introduction and sound check 01:10 – Welcome back to Season 2 of OT After Hours 03:14 – What is the core functionality of Verve in OT environments? 06:45 – Trust-building and engaging with OT personnel 12:30 – Real-world surprises: Unexpected device discoveries 18:05 – How Verve safely identifies assets without disrupting operations 27:38 – Leveraging Verve’s capabilities for accurate inventorying 41:11 – Importance of communication and customer engagement 46:53 – The evolving role of Verve and IT-OT integration Guest Information Lance Lamont – Lead, Special Projects & Protocols, Verve Industrial Andrew Wintermeyer – Lead, Device & Integration Team, Verve Industrial Tyler Bergman – Lead, Field Deployment Team, Verve Industrial Rick Herzing – OT Systems Support Analyst, Verve Industrial Subscribe Get in Touch | | | I
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/35351970
info_outline
What's Next in OT?
12/18/2024
What's Next in OT?
In this episode, we delve into the pressing challenges and exciting opportunities in OT cybersecurity as we look toward 2025. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski, Tyler Bergman, and Zach Woltjer as they share insights on industry trends, compliance requirements, and the evolving role of AI in securing operational environments. Key Takeaways Hybrid Workforces and Device Risks: Personal and work devices in operational environments pose security risks, requiring stronger BYOD policies. Regulatory Compliance: Evolving regulations, like NIST and NIS2, drive cybersecurity adoption but lag in addressing sectors like water infrastructure. AI in Cybersecurity: AI enhances detection, patching, and gap analysis, but foundational security issues must be addressed first. Dynamic Detection: AI and machine learning are replacing outdated static rules for real-time anomaly detection. Zero Trust Architecture: The shift to identity- and access-based security is accelerating, especially in hybrid workforce scenarios. Legacy Device Security: Secure proxies and similar tools help protect aging OT devices, but challenges with latency persist. Monitoring Approaches: Continuous monitoring offers immediate insights but increases network load, while scheduled checks provide stability but risk delays. Third-Party Risks: Organizations are diversifying security tools and assessing vendor practices to reduce supply chain vulnerabilities. Timestamps 0:00 – Introduction 02:15 – Guest introductions 06:10 – The water industry as a critical infrastructure concern 12:36 – Predictions for OT cybersecurity trends in 2025 20:17 – AI in OT cybersecurity: workforce gaps and anomaly detection 30:12 – The shift from static rules to advanced detection techniques 33:01 – Zero trust architecture: buzzword or paradigm shift? 47:39 – Continuous vs. scheduled monitoring in OT environments 55:03 – Protecting legacy devices in operational technology 1:08:08 – Final thoughts: hybrid work risks, compliance, and AI in 2025 Guest Information Natalie Kalinowski: Cyber Technology Consultant at Rockwell Automation and Verve, with a background as a network engineer working in diverse operational environments, from food and beverage to natural gas. Tyler Bergman: Cyber Operations Manager at Verve, bringing over 20 years of experience in utility and energy industries with a focus on IT/OT integration. Zach Woltjer: Cyber Data Analyst at Verve with a passion for simplifying complex cybersecurity challenges for industrial clients. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/34504595
info_outline
Cyber (Im)Maturity
11/20/2024
Cyber (Im)Maturity
In this episode, we explore the evolving challenges of cybersecurity maturity in operational technology (OT) environments. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Lauren Blocker, Industrial Cybersecurity Consulting Partner at Rockwell Automation; Drew Wintermyer from Verve’s OT Research Lab; Zachary Woltjer from the Customer Success Team; Tyler Bergman, Operations Manager; and Rick Herzing from Verve Systems Support as they discuss the importance of assessing cyber maturity, bridging IT/OT security gaps, and implementing effective strategies for resilience. Key Takeaways Cyber maturity is not a one-size-fits-all process; it requires tailoring to specific organizational risks and priorities. IT/OT convergence brings unique challenges, necessitating a deep understanding of industrial environments. Frameworks like NIST CSF and ISA/IEC 62443 provide actionable pathways for improving OT cybersecurity maturity. Overcoming resource and talent shortages is critical to achieving sustainable cyber maturity. Collaboration across leadership, operators, and external partners is essential for effective implementation. Timestamps 00:00 – Introduction and sound check 01:26 – Welcome and episode overview 02:05 – Guest introductions and background 06:45 – What does “cybersecurity maturity” mean in an OT context? 15:20 – The challenges of IT/OT convergence 22:10 – Building and executing a cybersecurity maturity roadmap 30:55 – Real-world success stories and common pitfalls 40:30 – The future of OT cybersecurity and emerging technologies 50:10 – Closing thoughts Guest Information Lauren Blocker: Industrial Cybersecurity Consulting Partner at Rockwell Automation. Lauren specializes in assessing and enhancing cybersecurity maturity, helping enterprises implement globally consistent, standards-based strategies. Drew Wintermyer: Research Lead at Verve’s OT Research Lab, focusing on OT-specific vulnerabilities and resilience strategies. Zachary Woltjer Customer Success Specialist at Verve Industrial, with expertise in helping organizations implement OT cybersecurity solutions. Tyler Bergman: Operations Manager, providing insights into the practical challenges of cybersecurity in industrial environments. Rick Herzing: Verve Systems Support analyst, and former industrial controls engineer. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/34035502
info_outline
The Auto Wreckers of OT
10/11/2024
The Auto Wreckers of OT
In this episode, we dive into the challenges of managing legacy operational technology (OT) systems. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Tyler Bergman, Doug Artze, Dylan Stencil, and Andrew Wintermeyer, as they discuss the complexities of legacy systems, spare parts ("grey") markets, and the importance of security in maintaining older technologies. They explore real-world stories, the economics of keeping legacy systems running, and offer insights into potential solutions. Key Takeaways Legacy OT equipment can have extremely long lifespans, often much longer than typical IT hardware. This leads to challenges in finding support and spare parts as the equipment ages. There is a thriving market for reconditioned and resold legacy OT equipment, but the chain of custody and security vetting of these devices can be unclear. Maintaining documentation and access to legacy software/configuration tools is critical for supporting and troubleshooting older OT systems, which can be difficult as vendors discontinue support. The economic and operational costs of upgrading legacy OT systems can be prohibitive, leading many facilities to try to keep them running as long as possible through creative means like sourcing spare parts. Planned obsolescence by vendors and the lack of right-to-repair policies can exacerbate the challenges of maintaining legacy OT equipment over time. Visibility into the OT asset inventory and having a plan for securing legacy systems are important for managing cybersecurity risks in these environments. Timestamps 00:00 – Introduction and sound check 02:00 – Ken’s story: Decommissioning PDP-11/84 systems 04:50 – Challenges with legacy equipment and backup solutions 09:00 – The aftermarket for OT equipment and security risks 14:00 – Securing legacy OT systems and ensuring safety standards 27:00 – Real-world experiences with aging OT infrastructure 39:00 – How cybersecurity standards affect legacy systems 50:00 – Solutions for managing legacy equipment Guest Information Tyler Bergman: Experienced in utilities and OT security with over 20 years in the industry. Dylan Stencil: Research team member with a background in technology and controls work. Doug Artze: Operations team member with experience in nuclear power and wastewater treatment. Drew Wintermeyer: Research team member and overseer of Verve’s internal labs of OT devices. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/33423727
info_outline
A Calculated Risk
09/11/2024
A Calculated Risk
In this episode, we explore the concept of Calculated Risk Rating (CRR) and its importance in OT cybersecurity. Join host , Systems Support Lead at Verve Industrial, and his guests – Zachary Woltjer, Cyber Data Analyst at Verve, and Lance Lamont – as they discuss how to prioritize and address vulnerabilities in industrial environments. Key Takeaways Calculated Risk Rating helps tailor cybersecurity solutions to specific industrial environments CRR considers both the impact and likelihood of vulnerabilities being exploited The approach helps organizations prioritize their limited resources for maximum security benefit Trust between cybersecurity providers and industrial operators is crucial for effective risk management Active asset inventory solutions provide richer data for more effective risk mitigation strategies Timestamps 00:00 – Introduction and sound check 01:00 – Introduction of guest Zachary Woltjer 02:50 – Explanation of Calculated Risk Rating (CRR) 06:21 – Importance of contextualizing vulnerability information 09:47 – Discussion on EPSS (Exploit Prediction Scoring System) 12:43 – Identifying “crown jewels” in industrial environments 18:48 – Process of assigning criticality and likelihood ratings 26:50 – Importance of defense in depth strategies 31:01 – How Verve’s teams work together to implement CRR 35:56 – Benefits of active asset inventory solutions 42:35 – Conclusion and outtro Guest Information Zachary Woltjer: Cyber Data Analyst on the Customer Success team at Verve Industrial Lance Lamont: Creator and Explorer at Verve Industrial Protection, leading the research team in exploring OT devices and their security. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/33008432
info_outline
The Case for Active OT Security
08/28/2024
The Case for Active OT Security
In this episode, we explore the challenges and benefits of active detection in OT security environments. Join host , Systems Support Lead at Verve Industrial, and his guests Rick Kaun and Sally Mellinger as they discuss the limitations of passive detection and the importance of comprehensive asset inventory in industrial cybersecurity. Key Takeaways Passive detection, while useful, has significant limitations in providing a comprehensive view of OT environments Active detection, including the use of agents, can provide more detailed and actionable information about assets Many operators have valid concerns about touching OT systems, but these fears can be addressed with proper expertise and non-disruptive solutions A comprehensive asset inventory is crucial for understanding and managing cybersecurity risks in OT environments The industry needs to overcome the fear of touching OT devices to achieve better security outcomes Timestamps 00:00 – Introduction and sound check 01:21 – Introduction of Sally Mellinger and Ken Kully 04:54 – Discussion on passive detection and its limitations 10:51 – Analogy comparing passive detection to traffic monitoring 24:56 – The importance of comprehensive asset inventory 31:17 – Examples of hidden vulnerabilities in OT environments 36:22 – The need to overcome vendor restrictions on security tools 39:26 – Addressing the root of OT security fears 45:49 – The importance of educating the market on active detection solutions Guest Information Rick Kaun: Expert in OT security with over 23 years of experience in the industry Sally Mellinger: Senior Manager of Content Marketing at Verve Industrial, with over 10 years of experience in B2B and technical content marketing Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/32777517
info_outline
The Crowdstrike Incident: Lessons for OT Cybersecurity
07/31/2024
The Crowdstrike Incident: Lessons for OT Cybersecurity
In this episode, we explore the implications of the recent Crowdstrike incident for OT cybersecurity. Join host , Systems Support Lead at Verve Industrial, and his guests Tyler Bergman and Ryan Zahn as they discuss the impact of IT security tools on OT environments, the importance of staged rollouts, and the delicate balance between automated updates and manual controls. Key Takeaways: The Crowdstrike incident highlights the risks of using IT-focused security tools in OT environments Staged rollouts and thorough testing are crucial for minimizing risks in critical infrastructure OT environments require a different approach to updates and security compared to IT systems The incident underscores the need for better collaboration between IT and OT teams Kernel-level access in security software presents both benefits and risks that must be carefully managed Timestamps: 00:00 – Introduction and discussion of recent events 03:08 – Overview of the Crowdstrike incident and its impact 05:50 – Discussing the differences between IT and OT security approaches 14:57 – Exploration of staged rollouts and testing processes 23:43 – The importance of human safety in OT environments 28:36 – The need for OT-specific considerations in security tool deployment 35:36 – Discussion on the risks associated with kernel-level access 43:18 – Reflecting on the broader implications for cybersecurity and critical infrastructure 48:06 – Closing thoughts and wrap-up Guest Information: Tyler Bergman: Utility engineering expert with 20 years of experience, focusing on cybersecurity efforts for the past five years. Ryan Zahn: Customer Success professional at Verve Industrial with over 11 years of experience and a background in OT as a state engineer for a Midwest power utility. Subscribe: Get in Touch: | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/32367432
info_outline
OT Security is a Program
07/17/2024
OT Security is a Program
In this episode, we explore the importance of treating OT security as a comprehensive program rather than a collection of individual functions. Join host Ken Kully, Cyber Tech Lead at Verve Industrial, and his guest Rick Kaun, VP of Sales at Verve Industrial, as they discuss the challenges of implementing OT security, the differences between IT and OT approaches, and the need for a holistic view of security in industrial environments. Key Takeaways: OT security requires a programmatic approach that integrates multiple disciplines and functions, rather than treating them as isolated tasks. Context is crucial in OT environments, as the same device can have different implications depending on its role in the process. Implementing individual security functions separately in OT can lead to inefficiencies, increased costs, and potential risks. OT security requires collaboration between IT and OT teams, with a deep understanding of the unique challenges and requirements of industrial systems. A centralized approach to OT security can significantly reduce time, effort, and potential errors in managing industrial cybersecurity. Timestamps: 00:00 – Introduction and topic overview 01:03 – Guest introduction: Rick Kaun, VP of Sales at Verve Industrial 01:18 – Rick's background and experience in OT security 04:57 – The importance of treating security as a program in OT 07:05 – Challenges of implementing individual security functions in OT 11:03 – The role of context in OT security decisions 15:26 – Examples of OT-specific security considerations 22:01 – The impact of IT approaches on OT environments 25:19 – The need for collaboration between IT and OT teams 28:51 – Real-world impacts of OT security failures 32:40 – The importance of skill sets and resources in OT security 33:50 – Concluding thoughts and contact information Guest Information: Rick Kaun: VP of Sales at Verve Industrial, with over 23 years of experience in OT security, helping clients build comprehensive security programs across various industries globally. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/32179427
info_outline
What is OT?
06/12/2024
What is OT?
In our second episode, we ask the question: “what is OT?”, and attempt to provide an answer. Join host Ken Kully, Cyber Tech Lead at Verve Industrial, and his guests and colleagues Lance Lamont, Tyler Bergman, Doug Artze, and Drew Wintermyer as they discuss what characterizes an OT environment and OT equipment, the impact of IT/OT convergence on distinguishing one realm from the other, and how a device’s usage is often the deciding factor as to whether it is an IT device…or an OT device. Key Takeaways: OT is the collection of hardware and software that is principally concerned with process availability: monitoring the process, providing safety oversight, and the automation, supervision, and control of the core processes for any industry. The same device can be both an IT device and an OT device, depending on usage. OT systems are often – though not always – characterized by device isolation, and can also be spread over a large geographic area. There are some industries – healthcare is an example – where the distinction between IT and OT becomes very blurred. Timestamps: 00:00 – Introduction and sound check 00:35 – Welcome to OT After Hours 00:43 – Host introductions and background 03:40 – What is OT? 04:32 – Parallel terms: IT and OT 05:56 – Other terms: DCS, SCADA, etc. 11:43 – Hardware differences between IT and OT 14:20 – The role of context in defining OT devices 17:34 – The evolution and convergence of OT and IT 19:52 – The CIA triad and its different priorities in IT and OT 22:36 – The timeliness element in OT systems 23:30 – Engineering workstations and their classification 32:36 – The criticality of availability in OT environments 34:30 – The sensitivity of OT control systems 37:41 – Examples of OT in non-industrial settings 44:27 – The importance of physical access in OT security 46:55 – The unique challenges of healthcare OT 50:59 – Concluding thoughts on defining OT Guest Information: Lance Lamont: Creator and Explorer at Verve Industrial Protection, leading the research team in exploring OT devices and their security. Tyler Bergman: Experienced in utilities and OT security with over 20 years in the industry. Doug Artze: Operations team lead with experience in nuclear power and wastewater treatment. Drew Wintermyer: Research team member and overseer of Verve’s internal labs of OT devices. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/31717722
info_outline
Why It Matters
05/15/2024
Why It Matters
In our pilot episode, we dive into the crucial world of OT security. Join host Ken Kully, Cyber Tech Lead at Verve Industrial, and his guests and colleagues Lance Lamont, Tyler Bergman, and Dylan Stencil as they discuss the importance of industrial cybersecurity, the unique challenges it presents, and why it truly matters. From understanding OT environments to real-world incidents like Stuxnet, this episode is packed with insights and practical advice for navigating the complexities of OT security. Key Takeaways: OT security is critical due to the unique challenges and vulnerabilities in industrial environments. Real-world incidents like Stuxnet highlight the importance of securing OT systems. Maintaining availability and integrity in OT environments is essential to prevent costly downtimes and disruptions. Effective communication with management about OT security needs is crucial for obtaining necessary support and resources. Timestamps: 00:00 – Introduction and sound check 00:40 – Welcome to OT After Hours 01:33 – Host introductions and backgrounds 06:57 – Why industrial cybersecurity matters 08:23 – Stuxnet: A brief overview 15:00 – Vulnerabilities in OT environments 20:08 – Examples of OT device failures 25:19 – The importance of availability in OT systems 40:11 – Conversations about OT security with management 50:33 – Closing thoughts Guest Information: Lance Lamont: Creator and Explorer at Verve Industrial Protection, leading the research team in exploring OT devices and their security. Tyler Bergman: Experienced in utilities and OT security with over 20 years in the industry. Dylan Stencil: Research team member with a background in technology and controls work. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/31307102
info_outline
Teaser
05/14/2024
Teaser
The trailer for "OT After Hours": unfiltered stories and advice from the front lines of industrial cybersecurity. Subscribe Get in Touch | | |
/episode/index/show/12c2aa51-9739-4449-9d83-fddccc0d0521/id/31293692