Welcome to "PrOTect It All," the podcast where we peel back the layers of cybersecurity to reveal the core strategies, challenges, and triumphs of protecting our digital and operational landscapes. We're thrilled to have you on board for an upcoming episode! Your insights and experiences are invaluable to our listeners who are eager to learn and engage with the leading minds in IT and OT security.
As we gear up to dive into conversation, please feel free to share any specific topics or stories you'd like to discuss. Our audience appreciates both the technical deep-dives and the high-level overviews, so bring your unique perspective, and let's make cybersecurity accessible and engaging together.
Thank you for joining us on this journey to foster a more secure future. We can't wait to hear your voice on the "PrOTect It All" podcast!
All content for PrOTect It All is the property of Aaron Crow and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Welcome to "PrOTect It All," the podcast where we peel back the layers of cybersecurity to reveal the core strategies, challenges, and triumphs of protecting our digital and operational landscapes. We're thrilled to have you on board for an upcoming episode! Your insights and experiences are invaluable to our listeners who are eager to learn and engage with the leading minds in IT and OT security.
As we gear up to dive into conversation, please feel free to share any specific topics or stories you'd like to discuss. Our audience appreciates both the technical deep-dives and the high-level overviews, so bring your unique perspective, and let's make cybersecurity accessible and engaging together.
Thank you for joining us on this journey to foster a more secure future. We can't wait to hear your voice on the "PrOTect It All" podcast!
Inside OT Penetration Testing: Red Teaming, Risks, and Real-World Lessons for Critical Infrastructure with Justin Searle
PrOTect It All
54 minutes 21 seconds
4 months ago
Inside OT Penetration Testing: Red Teaming, Risks, and Real-World Lessons for Critical Infrastructure with Justin Searle
In this episode, host Aaron Crow sits down with OT security expert Justin Searle, Director of ICS Security at InGuardians, for a deep dive into the ever-evolving world of OT and IT cybersecurity.
With over 25 years of experience, ranging from hands-on engineering and water treatment facilities to red-team penetration testing on critical infrastructures such as airports and power plants, Justin brings a wealth of insight and real-world anecdotes.
This episode unpacks what it really takes to assess and secure operational technology environments. Whether you’re a C-suite executive, a seasoned cyber pro, or brand new to OT security, you’ll hear why network expertise, cross-team trust, and careful, collaborative engagement with engineers are so crucial when testing high-stakes environments. Aaron and Justin also discuss how the industry has matured, the importance of dedicated OT cybersecurity teams, and why practical, people-first approaches make all the difference, especially when lives, reliability, and national infrastructure are on the line.
Get ready for actionable advice, hard-earned lessons from the field, and a candid look at both the progress and the ongoing challenges in protecting our most critical systems.
Key Moments:
05:55 Breaking Into Cybersecurity Without Classes
09:26 Production Environment Security Testing
13:28 Credential Evaluation and Light Probing
14:33 Firewall Misconfiguration Comedy
19:14 Dedicated OT Cybersecurity Professionals
20:50 "Prioritize Reliability Over Latest Features"
24:18 "IT-OT Convergence Challenges"
29:04 Patching Program and OT Security
32:08 Complexity of OT Environments
35:45 Dress-Code Trust in Industry
38:23 Legacy System Security Challenges
42:15 OT Cybersecurity for IT Professionals
43:40 "Building Rapport with Food"
47:59 Future OT Cyber Risks and Readiness
51:30 Skill Building for Tech Professionals
About the Guest :
Justin Searle is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing. He led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and played critical roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP).
Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities, corporations, and security conferences. His current courses at SANS and Black Hat are among the world's most attended ICS cybersecurity courses. Justin is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, he frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, HITBSecConf, Brucon, Shmoocon, Toorcon, Nullcon, Hardware.io, and AusCERT.
PrOTect It All
Welcome to "PrOTect It All," the podcast where we peel back the layers of cybersecurity to reveal the core strategies, challenges, and triumphs of protecting our digital and operational landscapes. We're thrilled to have you on board for an upcoming episode! Your insights and experiences are invaluable to our listeners who are eager to learn and engage with the leading minds in IT and OT security.
As we gear up to dive into conversation, please feel free to share any specific topics or stories you'd like to discuss. Our audience appreciates both the technical deep-dives and the high-level overviews, so bring your unique perspective, and let's make cybersecurity accessible and engaging together.
Thank you for joining us on this journey to foster a more secure future. We can't wait to hear your voice on the "PrOTect It All" podcast!
