Industrial control systems (ICS) and operational technology (OT) are the backbone of modern society—powering electricity, water, gas, communications, manufacturing, chemicals, and even medical technology. But what happens when these systems must be secured in the middle of a warzone?
On this episode of Simply ICS Cyber, hosts Don C. Weber and Tom VanNorman sit down with special guest Patrick C. Miller, President & CEO of Ampyx Cyber, a company dedicated to protecting the industrial world.
Learn more about:
This is a rare opportunity to hear experts break down industrial cybersecurity in the harshest conditions. Whether you’re in IT, OT, or just want to understand the stakes, you’ll walk away with practical lessons and a deeper appreciation of what’s at risk.
Connect with Patrick on LinkedIn: https://www.linkedin.com/in/millerpatrickc/
Episode Links:
-The 5 Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls
- KEV: https://www.cisa.gov/known-exploited-vulnerabilities
👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.
Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman
Learn about ICS Village: https://www.linkedin.com/company/icsvillage
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
In this episode of Simply ICS Cyber, co-hosts Don C. Weber and Tom VanNorman are joined by maritime and energy cybersecurity expert Marco (Marc) Ayala — vOT-CISO, Senior Principal Advisor for Energy, Oil, and Gas at the Cyber Infrastructure Protection Innovation Center (CIPIC), President of InfraGard Houston Members Alliance, and National Sector Chief of Energy for InfraGard.
Marc has spent his career at the intersection of ICS/OT security, maritime operations, and critical infrastructure protection. His work includes advancing cybersecurity for the energy and oil & gas industries, driving innovation at CIPIC, and building collaborative bridges between public and private sectors to defend against nation-state and criminal threats.
If you’re interested in the challenges of maritime cyber resilience, industrial control systems, operational technology, or energy sector defense, this episode offers rare insights from one of the field’s most active leaders.
Connect with Marc on LinkedIn: https://www.linkedin.com/in/marco-marc-ayala-a3b26934
Episode Links:
👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.
Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
In this episode of Simply ICS Cyber, Don C. Weber and Tom VanNorman sit down with Chris Sistrunk to dive into the challenges and realities of Substation Security.
Chris, now a Technical Leader at Mandiant & Google Cloud Security, brings years of experience from his time at Entergy, where he specialized in Transmission & Distribution SCADA systems and cybersecurity labs. He’s a recognized leader in ICS/OT security and an active contributor to the community through events like DEF CON’s ICS Village and BEER-ISAC.
Join us as we discuss securing critical infrastructure, modern threats to substations, and what defenders need to know to stay ahead.
Tune in to get expert insights into protecting the grid.
Connect with Chris on LinkedIn: https://www.linkedin.com/in/chrissistrunk
Episode Links:
https://cloud.google.com/blog/topics/threat-intelligence/securing-protection-relays-modern-substations
https://techcrunch.com/2025/07/14/mark-zuckerberg-says-meta-is-building-a-5gw-ai-data-center/
Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
Join Don Weber and Tom VanNorman for the Season 2 premiere of Simply ICS Cyber!
In this episode, your hosts interview special guest and ICS professional, Dan Ricci.
Dan is a Power Systems Engineer and Researcher with Idaho National Labs and sits down with the hosts to explore vulnerability management, feeds, and learn more about ICS Advisory Board Project.
Episode Links:
- https://www.icsadvisoryproject.com/
- https://www.icsadvisoryproject.com/ics-advisory-dashboards/cisa-kev-for-cisa-ics-advisories
Connect with Dan Ricci on LinkedIn:
https://www.linkedin.com/in/danricci14
Connect with your hosts on LinkedIn:
- Don linkedin.com/in/cutaway
- Tom linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
Don and Tom jump into the TSA Directives in this episode with their special guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. He also founded the BSides ICS/OT and BSides Greenville cons.
In this episode, our expert guest helps us answer the questions below:
- What are TSA Directives?
- Where do we find them?
- Who do they apply to?
- How are sites checked?
Connect with Mike:
- Mike Holcomb LinkedIn: https://www.linkedin.com/in/mikeholcomb/
Learn more about BSides ICS/OT:
- BSides ICS/OT: https://www.bsidesics.org/
=========================
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Connect with your hosts on LinkedIn:
- Don linkedin.com/in/cutaway
- Tom linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
In this episode of Simply ICS Cyber, Don and Tom interview their guest, Jim Gilsinn. Together they discuss the ISA/IEC 62443 Cybersecurity framework and answer the questions:
- What is ISA/IEC 62443 Series of Standards and how do they help?
- How do you get access to the ISA/IEC 62443 documents?
- How can you help improve the standards?
Connect with Jim Gilsinn on socials:
- Linked In: https://www.linkedin.com/in/jimgilsinn/
- X: https://x.com/JimGilsinn
Learn more about the ISA/IEC 62443 Standards: https://www.isa.org/standards-and-publications/isa-standards/isa-iec-62443-series-of-standards
=========================
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Connect with your hosts on LinkedIn:
- Don linkedin.com/in/cutaway
- Tom linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
How does Incident Response in ICS/OT/SCADA work? In this episode of Simply ICS Cyber, Don and Tom welcome Kai Thomsen, Director of Global Incident Response Services at Dragos.
Join us as we answer the questions below and provide more insight into how IR works in OCS, OT, and SCADA:
- Is DFIR the same on the OT side as the IT side?
- What are some of the challenges the OT DFIR team faces?
- In an organization, who is responsible for OT incident response?
- What are table tops, how should you conduct them?
- What are some table top exercises?
- How do you get into OT DFIR?
Discover the Dragos 2025 YIR Report: https://www.dragos.com/ot-cybersecurity-year-in-review
Connect with Kai on LinkedIn: https://www.linkedin.com/in/kai-thomsen-a635b21b7
Check out the Incident Response Table top resources below:
- CISA Tabletop Exercise Packages (CTEPs)
- CISA ICS Training
- Dean Parson’s ICS Incident Response Tabletops
- Lenny Zeltser Cheat Sheets and Presentations
- NERC’s Grid Security Exercise (GridEx)
- MITRE Cyber Exercise Playbook
- Black Hills Information Security (BHIS) Backdoors and Breaches ICS/OT Deck
- Center for Internet Security, Tabletop Exercises – Six Scenarios to Help Prepare Your Cybersecurity Team
- Red Canary: Are You Using Tabletop Simulations to Improve Your Information Security Program?
- Dragos: Preparing for Industrial Cyber Response Tookit
- Dragos: Preparing for Incident Handling and Response in ICS
- Dragos Tabletop Exercise
- ICS4ICS Incident Command System for Industrial Control Systems
- European Network for Cyber Security (ENCS) Red Team – Blue Team Training
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Connect with your hosts on LinkedIn:
- Don linkedin.com/in/cutaway
- Tom linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
In this episode, Tom and Don host special guest Michael Hilken, Cyber Physical Engineer at Grimm. The trio review and discuss the Five ICS Cybersecurity Critical Controls.
Links from this episode:
- Michael Hilken: https://www.linkedin.com/in/michael-hilken/
- SANS Whitepaper on the The Five ICS Cybersecurity Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/
- Dragos 2025 OT Cybersecurity Report - 8th Annual Year in Review: https://www.dragos.com/ot-cybersecurity-year-in-review/
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Connect with your hosts on LinkedIn:
- Don https://www.linkedin.com/in/cutaway
- Tom https://www.linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
In this episode of Simply ICS Cyber, Don and Tom interview Gus Serino, water sector expert and Owner at I&C Secure, Inc.
Listen in as we will answer the following questions:
- What is Critical Infrastructure?
- What are other types of Industrial and Automation?
- Is cybersecurity different between the two?
Links from this episode:
- Gus Serino LinkedIn: https://www.linkedin.com/in/gusserino/
- Instrumentation & Control Secure, Inc.: https://www.iandcsecure.com/
- S4Events - Water Sector Cyber Risk with Gus Serino: https://www.youtube.com/watch?v=ScigBpXIjgg
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Connect with your hosts on LinkedIn:
- Don https://www.linkedin.com/in/cutaway
- Tom https://www.linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
In episode 2 of Simply ICS Cyber, we answer the following questions for those interested in starting a career in ICS (industrial control systems), OT (operational technology):
- What is Capex vs Opex? And, why does it matter when getting a job?
- What is the compensation versus actual pay?
- What does the OT side consider as important skills?
- How are the rising FTE and consultant wages affecting winning ICS/OT work?
Links to learn more about ICS, OT, SCADA:
- ICS Village: https://www.icsvillage.com
- Contact ICS Village: https://www.icsvillage.com/contact-us
- NICE Framework (Find OT in the Competency Areas): https://niccs.cisa.gov/workforce-development/nice-framework
- SANS ICS NICE: https://www.sans.org/nice-framework/industrial-control-systems
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Connect with your hosts on LinkedIn:
- Don https://www.linkedin.com/in/cutaway
- Tom https://www.linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
Welcome to the first episode of Simply ICS Cyber! Tune in every other Wednesday for new episodes premiering at 9:30 AM ET.
Learn more about what to expect in this episode below:
- Who are Don and Tom?
- What are industrial and automation controls and why are they important?
- What are these terms? ICS, OT, 62443, countermeasures, PLC, DCS
- Why is cybersecurity different in OT versus IT?
Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.
Connect with your hosts on LinkedIn:
- Don https://www.linkedin.com/in/cutaway
- Tom https://www.linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
