AI is everywhere - but it won’t fix broken cybersecurity foundations. In this end-of-year wrap-up episode of Protect It All, host Aaron Crow takes a hard look at the growing hype around AI in cybersecurity and explains why fundamentals still matter more than any shiny new tool, especially in OT environments. Drawing from real-world experience and industry observations, Aaron challenges the belief that AI can compensate for missing basics like asset inventory, network segmentation, and clear ownership. He reframes AI as a powerful assistant not a savior and warns against the risks of rushing into automation without understanding what you’re protecting in the first place. You’ll learn: Why basic cybersecurity hygiene still determines success or failure How AI fits best when foundations are already in place The dangers of shadow AI in OT and industrial environments Why asset visibility and segmentation remain non-negotiable How leaders should think about AI as a support tool - not a shortcut What OT and IT teams should prioritize heading into 2026Whether you’re closing out the year or planning ahead, this episode delivers a grounded, experience-driven perspective on building resilient cybersecurity programs—without chasing hype. Tune in to hear why mastering the basics is still the smartest cyber strategy - only on Protect It All. Key Moments:  03:32 "Technology Complexity vs. Practicality" 09:33 "AI as an Entry-Level Intern" 12:29 "AI: A Powerful Team Tool" 16:24 "AI Alone Won't Fix Cyber" 19:34 "Mastering Basics Before AI Integration" 21:46 "Shadow AI and Resilience" 25:26 "Addressing Gaps and Ownership" 30:27 "Foundations Matter for Success" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

AI promises transformation - but legacy technology, process gaps, and cyber risk often stand in the way. In this episode of Protect It All, host Aaron Crow sits down with veteran IT and cybersecurity leader Neil D. Morris, who brings over 30 years of experience across aerospace, defense, and energy sectors. Together, they cut through the hype to explore what really matters when modernizing technology and managing cyber risk in complex, real-world environments. Neil shares candid insights on why legacy systems still power critical operations, why replacing them isn’t as simple as it sounds, and how organizations can unlock real value from AI without increasing risk. The conversation dives into tech debt, regulation, ROI, and the often-overlooked role of process in successful transformation. You’ll learn: Why legacy systems aren’t going away anytime soon The hidden risks of chasing AI without strong foundations How to balance security, usability, and business value Why process and governance matter more than tools How IT leaders can communicate cyber and AI value in business terms Where AI creates opportunity - and where it creates new attack paths Whether you’re leading digital transformation, managing cyber risk, or advising the business on AI adoption, this episode delivers real talk and practical wisdom from the front lines of IT and OT leadership. Tune in to learn how to modernize responsibly, manage risk intelligently, and separate AI reality from hype only on Protect It All. Key Moments:  00:00 "Legacy Tech in Modern Firms" 06:22 "Technology, Change, and Customer Focus" 09:51 "Challenges in Articulating Cybersecurity Value" 12:27 "Tech Solutions Must Drive Value" 15:43 Sell Ideas Beyond the Code 19:03 "Ransomware Risks in Acquisitions" 24:02 Government, Services, and Compliance Debate 25:35 Balancing AI, Cybersecurity, and Regulation 30:33 BlackBerry's Downfall: Ignored Innovation 32:06 "Evolution and Misuse of AI" 34:45 "Opportunity to Lead Change" 37:52 "AI Without Guidance Backfires" 41:07 "AI: Smart but Context-Lacking" 46:45 "AI Empowering Business Transformation" 50:30 "Effortless Tech-Fueled Imitation" About the guest :  Neil D. Morris is a senior enterprise technology leader with 25+ years of experience in digital transformation, cybersecurity, and AI at scale. He currently serves as Head of IT at Redaptive and previously held CIO roles at Ball Aerospace and Maxar Technologies. Neil is known for guiding organizations through complex modernization efforts while balancing security, risk, and business value. How to connect Neil: https://www.linkedin.com/in/neildmorris/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:

Cybersecurity has evolved from an afterthought to a business-critical responsibility - and AI is accelerating that shift faster than most organizations are ready for. In this episode of Protect It All, host Aaron Crow sits down with Sue McTaggart, a cybersecurity leader with a software development background and more than 15 years of experience driving security transformation. Together, they explore how cybersecurity success today depends less on shiny new tools and more on culture, governance, and fundamentals done right. Sue shares her journey from developer to cybersecurity leader, offering real-world insights into embedding security thinking into everyday work - not bolting it on after something breaks. The conversation tackles the realities of AI adoption, the risks of over-automation, and why human oversight and curiosity remain essential in an increasingly automated world. You’ll learn: Why technology alone can’t fix cybersecurity problems How to embed a security-first mindset across teams and leadership What AI changes - and what it doesn’t - in cybersecurity governance The role of Zero Trust and foundational cyber hygiene Why people, process, and accountability prevent more breaches than tools How generational shifts and curiosity shape the future of cyber careers Whether you’re a security leader, technologist, or business decision-maker navigating AI adoption, this episode delivers grounded, practical wisdom for building resilience that lasts. Tune in to learn why strong cybersecurity still starts with people, not platform,s only on Protect It All. Key Moments: 01:12 Cybersecurity Evolution and Insights 03:51 "Cybersecurity Requires Culture Shift" 07:09 "Tech Failures and Curfew Challenges" 10:30 "Prioritizing Security in AI Development" 15:05 Cybersecurity's Role in Everything 19:37 "Everything is Sales" 23:54 Adapting Communication for Audiences 26:26 "Think Ahead, Stay Curious." 28:30 Tinkering and Curiosity Unleashed 31:32 "Gen Z: Redefining Work and Life." 36:17 Governing AI: Benefits and Risks 37:59 AI Needs Human Oversight 42:35 "AI's Role in Cybersecurity." 47:25 "Hackers Exploit Basic Vulnerabilities." About the guest: Sue McTaggart is a passionate educator and cybersecurity professional with a strong background in software development. Her curiosity and desire to raise awareness led her to transition from developing applications primarily in languages like Java in the early 2000s to the field of cybersecurity. Sue is dedicated to empowering others through education and strives to share her knowledge to help others better understand cybersecurity risks and solutions. She is honored and humbled by opportunities to speak about her work and continues to inspire those around her with her commitment to ongoing learning and public awareness. How to connect Sue: https://www.linkedin.com/in/sue-mctaggart-24604158/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: http...

The future of cybersecurity won’t be won by tools alone - it will be won by people, process, and smarter use of AI. In this episode of Protect It All, host Aaron Crow sits down with cybersecurity veteran Sharad Rai to explore how IT and OT security teams can reduce complexity, fight alert fatigue, and build stronger defenses through foundational practices and intelligent automation. Sharad brings decades of real-world experience - from early firewall management to leading large-scale security programs at major financial institutions. Together, Aaron and Sharad break down what actually works in cybersecurity today: simplifying policies, understanding user behavior, strengthening basics like patching, and leveraging AI for contextual decision-making. You’ll learn: Why human behavior is the root of both risk and resilience How AI can reduce complexity, noise, and alert fatigue What “good vs bad” looks like through an AI-driven, context-aware lens How policy overload cripples organizations - and how to fix it Why OT and IT security still depend on foundational hygiene The rise of browser-based security and Chrome as an endpoint What’s coming next: AI-driven phishing, contextual controls, and automated response Whether you're a security leader, practitioner, or just navigating modern cyber challenges, this episode will reshape how you think about defending systems and the people using them. Tune in to discover how AI, clarity, and human-centered design are shaping cybersecurity’s next chapter only on Protect It All. Key Moments:  06:21 "Cybersecurity Basics: Know the Layers" 09:49 "Defining Good to Block Bad" 13:03 Alarm Fatigue and Information Overload 14:01 Alarm Tuning and Data Utilization 19:02 RFID Tags and Process Frustration 23:03 Simplifying Cybersecurity for Success 25:18 "AI Optimizing Policy Adjustments" 27:33 "Tech Frustrations Then and Now" 31:46 Cloud Computing Transformed Everyday Work 36:05 Focus on Foundational Basics About the guest :  Sharad Rai is a cybersecurity leader and architect with over 20 years of experience securing some of the world’s most complex financial institutions. As Vice President of Security and Architecture at State Street, he leads regulatory-driven initiatives and delivers enterprise-wide cybersecurity programs across cloud, infrastructure, and endpoint platforms. Sharad has held key security roles at Morgan Stanley, BNP Paribas, Jefferies, and Foundation Medicine, with deep expertise in EDR, PAM, SASE, ZTNA, and cloud-native security. He is known for simplifying complexity, reducing risk, and bridging product, engineering, and executive teams. How to connect Sharad: https://www.linkedin.com/in/sharad-rai-cissp-a951a28 Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: htt...

Cyber incidents don’t just test your technology - they test your people, your processes, and your culture. In this episode of Protect It All, host Aaron Crow sits down with Daniel Swann, Cyber Incident Commander at Rockwell Automation, to pull back the curtain on what really happens during IT and OT incidents. With decades of experience across the U.S. Air Force, enterprise environments, and industrial operations, Daniel shares lessons learned the hard way - from managing chaos in real time to building a culture where teams can learn without blame. You’ll learn: Why documentation and scribe roles can make or break an incident response How blameless postmortems actually strengthen team performance What military-style discipline can teach us about OT and IT incident handling How to run effective tabletop exercises that expose real gaps The human factors - communication, clarity, ownership - that reduce downtime and panic Practical strategies to evolve your incident response plan before the next breach Whether you’re developing your first IR playbook or leading seasoned response teams, this episode delivers actionable, real-world insights that help you prepare, respond, and recover with confidence. Tune in for battle-tested wisdom from military operations to industrial control rooms - only on Protect It All. Key Moments:  00:00 "Protect IT/OT Cybersecurity Podcast" 03:30 Cybersecurity: Versatility Is Key 07:52 "Balancing Bureaucracy and Flexibility" 10:20 "Practice Makes Plans Effective" 14:17 "Learning While Doing" 18:44 "Document Key Info in Incidents" 19:46 "Versatile Team Role Importance" 22:45 "Tracking Lessons with Visibility" 28:34 Proactive Reporting Encouraged 29:33 Safe Reporting Prevents Phishing Incidents 32:52 "Bridging IT and OT Safely" 37:15 Team Collaboration Enhances Outcomes 41:00 Military Preparedness and Logistics Planning 42:59 Preparing for Unlikely Scenarios 47:20 AI Threats to OT Systems 48:32 "AI's Impact on Learning and Jobs" About the guest:  Daniel Swann is a seasoned Cyber Incident Commander at Rockwell Automation, bringing 17+ years of IT leadership and nearly a decade of cybersecurity experience. A U.S. Air Force veteran, he has led global cyber operations, responded to major vulnerabilities like Log4J, and driven large-scale improvements in incident response and vulnerability management. Daniel is highly certified, mission-driven, and recognized for building strong, resilient security teams. Links :  Video of Daniel Swann with Kate Vajda, Director of Vulnerability Research and Malware Threat Research, Dragos : https://www.youtube.com/watch?v=4zotgrPk8vI Connect with Daniel on LinkedIn : https://www.linkedin.com/in/j-daniel-swann/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube:

The cybersecurity job market is changing faster than ever - and the skills that mattered five years ago won’t carry you into the future. In this episode of Protect It All, host Aaron Crow sits down with Mark Sasson, Managing Partner at Pinpoint Search Group, to break down what the future of cybersecurity careers really looks like. From the rise of AI and automation to the growing importance of human skills, they uncover the new realities facing candidates, hiring managers, and leaders across IT and OT security. You’ll learn: Why soft skills, communication, and adaptability are now just as critical as technical expertise How AI is reshaping job searches, resumes, and candidate evaluation The shift between employer-driven and candidate-driven markets What separates standout candidates in today’s competitive landscape How startups think about hiring -  and what they won’t compromise on Practical steps to future-proof your cybersecurity career starting now Whether you’re entering cybersecurity, leveling up your role, or hiring your next team member, this episode delivers real-world, actionable insights to help you stay relevant  - and competitive in an evolving industry. Tune in to learn how to stay ahead in the cybersecurity job market of today and tomorrow  only on Protect It All. Key Moments:  04:14 Recruitment Growth and Funding Trends 06:42 Tangible Value in AI Age 12:18 "Stepping Outside the Comfort Zone" 15:16 "Growth Through Embracing Discomfort" 19:23 "Embracing Growth and New Challenges" 21:01 Balancing Growth and Bold Moves 25:14 "Breaking Into Tech: Sacrifice & Strategy" 27:40 Experience Beats Book Knowledge 32:13 Human Insight Beats AI in Hiring 34:45 AI Recruitment: Potential, Limits, Distinctions 39:37 "Reluctant Growth through Opportunity" 42:47 "AI Tools: Benefits and Downsides" 44:29 "Human-Centered Hiring Over AI" 50:12 "Human Connection Over Technology" 53:23 "Planning Your Next Step" About the guest:  Mark Sasson is the Managing Partner of Pinpoint Search Group, a recruitment firm specializing in helping innovators in emerging markets attract the talent needed to drive maturation, scale, and successful outcomes. In 2014, Mark launched Pinpoint’s Cybersecurity practice, where he and his team have successfully completed hundreds of executive and senior-level individual contributor searches for leading Cybersecurity vendors. Building on that success, Mark is now guiding Pinpoint’s expansion into the rapidly evolving Space sector. Connect Mark:  Website: https://pinpointsearchgroup.com/ LinkedIn: linkedin.com/in/markjsasson/Learn more about Cybersecurity Vendor M&A + Funding Roundups here : https://pinpointsearchgroup.com/cybersecurity-industry-reports/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/p...

Can your plant stay connected and completely secure? In this episode of Protect It All, host Aaron Crow teams up with Lior Frenkel, CEO and co-founder of Waterfall Security, to explore how industries are rethinking OT cybersecurity in the age of ransomware and AI-powered attacks. Together, they break down why traditional firewalls can’t fully protect industrial control systems and how unidirectional gateways (data diodes) are redefining safety for everything from nuclear plants to casinos. You’ll learn: What data diodes really are and how they physically block inbound attacks. Why “air gaps” are no longer enough for modern connected environments. How remote-access tools like HERA are enabling secure operations. Real-world stories of industries upgrading defenses without losing efficiency. Whether you manage critical infrastructure, handle OT security, or just want to understand how cyber-physical systems stay safe, this episode will give you a new appreciation for data flow, digital risk, and resilience. Tune in to discover the future of secure connectivity - only on Protect It All. Key Moments:  07:46 Balancing Security and Operational Data 16:25 "One-Way Data Flow Explained" 22:19 "Air Gap for Data Transfer" 27:44 Increasing Awareness of Security Threats 32:05 Challenges of Power Plant Management 35:29 Global Risks Require Local Understanding 44:44 "OT Security and Zero Trust" 48:24 "Remote Access vs On-Site Work" 55:48 "HERA: TPM-Powered Remote Access" 58:43 Encrypted Remote Access Streaming 01:05:32 Secure Remote Control for Infrastructure 01:13:00 "Solving Critical Incident Response Gaps"   About the Guest : Lior Frenkel is a globally recognized OT cybersecurity leader and the CEO/co-founder of Waterfall Security Solutions, the company behind the industry-standard Unidirectional Security Gateways protecting critical infrastructure worldwide. With 25+ years of cybersecurity expertise, multiple patents, and leadership roles across Israel’s top technology, industrial, and export organ...

What happens when AI meets cybersecurity - and the music industry? In this eye-opening episode of Protect It All, host Aaron Crow sits down with Hadi Heidari, a cybersecurity veteran turned tech entrepreneur, to explore the groundbreaking (and sometimes risky) ways artificial intelligence is reshaping both digital defense and creative innovation. From AI-driven SOC operations and threat detection to music creation, data privacy, and identity protection, Aaron and Hadi dive deep into how the same technologies fueling creativity are also rewriting the rules of cybersecurity. You’ll discover: How AI is transforming both cyber defense and music production. The hidden risks of data training, privacy, and model misuse. How startups like Tune Pack are empowering artists through ethical AI. Why balancing innovation with integrity matters more than ever. Whether you’re protecting critical infrastructure or composing your next track, this episode will challenge how you think about creativity, ethics, and security in the AI era. Tune in for an inspiring conversation that bridges tech and artistry, only on Protect It All. Key Moments: 06:34 AI: Opportunities and Regulation Challenges 09:57 AI Risks: Data Privacy Challenges 11:03 AI Education for Security Awareness 15:50 "AI Risks in Cybersecurity Actions" 18:54 "AI Trust and IAM Policies" 21:13 AI Decision-Making Ethical Dilemma 27:19 AI Oversight and Quality Control 30:34 AI Ethics in Data Training 31:30 AI Ethics: Consent and Data Use 35:43 Detecting AI-Generated Fakes 37:59 AI, Security, and Challenges 42:33 AI Revolutionizing Security Analysis 47:14 "Learning Daily in Tech Space" 50:58 "Embracing Change in Music Industry" About the guest :  Hadi Heidari is the founder of TunePact, an AI label service designed to support independent musicians. With over 20 years of experience in cybersecurity, Hadi’s journey into the music industry is an u...

Think your company’s private data is safe? Think again. In this episode of Protect It All, host Aaron Crow pulls back the curtain on one of cybersecurity’s most underestimated frontiers - Open Source Intelligence. He reveals how attackers leverage publicly available data from LinkedIn profiles to leak passwords, mapping out targets, infiltrating systems, and exploiting the human attack surface. Drawing from real-world incidents and years of experience across IT and OT security, Aaron explains: How Open Source Intelligence fuels social engineering and insider threat campaigns. Why protecting systems isn’t enough - you must protect people. How to use Open Source Intelligence proactively for threat modeling and risk mitigation. Steps to monitor your digital footprint and reduce exposure before it’s too late. Whether you’re a cybersecurity professional, executive, or simply digital-curious, this episode will change how you think about “public information.” Tune in to learn how Open Source Intelligence can both expose and empower your cybersecurity strategy - only on Protect It All. Key Moments:  06:17 Securing Domain Admin Accounts 09:09 Proactive Employee Security Monitoring 12:19 "Protecting Human Attack Surfaces" 16:48 "Enhancing Cybersecurity with Open Source Intelligence” 18:49 Exposed Data Response Process Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall 

In this episode of Protect It All, host Aaron Crow takes a hard look at one of the biggest blind spots in OT cybersecurity: legacy Windows environments still running inside plants, refineries, and utilities. From Windows XP to Windows 10’s upcoming end of support, Aaron breaks down why these systems persist, the true cost of “doing nothing,” and the high-stakes trade-offs between replacement, isolation, and risk mitigation. You’ll discover: Why outdated Windows systems remain critical yet dangerously exposed. The myths of “true air gaps” and why they don’t protect you anymore. Practical isolation tactics, segmentation, strict access control, and monitoring. How to manage asset visibility, vendor dependencies, and downtime risks. Whether you’re a cybersecurity leader, plant manager, or operations engineer, this episode is your roadmap to making smarter, safer decisions about legacy systems before they cause costly disruptions. Tune in to learn how to balance operations, cost, and security and protect your OT world from old-system vulnerabilities. Key Moments:  01:22 "End-of-Life Systems in OT" 04:15 Upgrading Systems in Regulated Industries 07:35 Reducing Risk with Network Segmentation 12:02 "Firewall Rules and System Security" 15:52 Understanding Risks in End-of-Life Systems 18:54 Securing Legacy Systems Effectively Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:

In this solo episode of Protect It All, host Aaron Crow delivers a straight-talk reality check on the widening IT–OT cybersecurity gap and what it really takes to protect the systems that keep the world running. With decades of experience defending critical infrastructure, Aaron exposes why many OT environments are still years behind in resilience and visibility - and how we can finally fix that. You’ll learn: The real incidents prove why OT cybersecurity can’t afford to lag. Why visibility and segmentation are non-negotiable for industrial systems. How to build an incident-response plan that works when the stakes are highest. Practical steps to strengthen resilience and recovery across critical operations. This episode isn’t about fear - it’s about preparation. If your work touches energy, transportation, manufacturing, or utilities, this one’s your wake-up call to act before disaster hits. Listen now and learn how to protect what truly keeps our world moving - only on Protect It All. Key Moments: 05:06 "Real Risks of Critical Disruptions" 06:16 Redefining OT System Boundaries 11:42 Troubleshooting Unknown System Issues 14:09 "Secure Remote Access Best Practices" 18:28 "Planning for Worst-Case Scenarios" 19:36 Critical Infrastructure Under Cyber Threat   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube:

OT cybersecurity isn’t about installing more firewalls - it’s about adapting your entire mindset. In this episode of Protect It All, host Aaron Crow breaks down why IT security tools often fall short in industrial environments and what it really takes to protect operational systems. Drawing from 25+ years of hands-on experience, Aaron explores the differences between IT and OT priorities, why “silver bullet” solutions don’t exist, and how to build defense-in-depth strategies that actually work on the plant floor. You’ll discover: Why IT tools struggle in OT environments - and where they can help. How to balance availability, safety, and security in critical systems. Practical ways to manage legacy hardware, vendor dependencies, and remote access. The key to uniting IT and OT teams for stronger resilience. If you’re navigating the evolving world of industrial cybersecurity, this episode will change how you think about tools, processes, and protection. Tune in to learn how to bridge the IT–OT divide and build a smarter, safer security culture. Key Moments: 03:31 "Adapting IT Products for OT Use" 08:53 IT and OT Crossover Tools 11:05 Balancing OT Risk in Cybersecurity 13:37 Cybersecurity and Remote Secure Access 18:25 Designing Resilient, Independent Systems 21:40 Unified Cybersecurity Through Training & Collaboration 24:24 "IT and OT Integration Challenges" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X:

In this episode, host Aaron Crow welcomes cybersecurity expert John Schimanski Jr., Chief Information Security Officer at Trivigil, for an eye-opening conversation that every parent, educator, and technologist needs to hear. Together, they delve into the escalating dangers children face online - from the alarming rise of cyber predators and social media manipulation, to the misuse of AI and increasingly sophisticated scams targeting families. John shares powerful stories from his work with educational institutions and law enforcement, highlighting how digital threats are evolving far faster than most parents can keep up with. Aaron reflects on personal challenges as a parent navigating device safety and digital boundaries, and the two discuss practical strategies for protecting kids in today’s hyper-connected world. This episode doesn’t just explore the risks - it offers hope and tangible action, including details about cybersecurity education initiatives like the MASK Next Gen Shield game, designed to give kids and parents the knowledge they need to stay safe online. Whether you’re a concerned parent, a teacher, or someone working in the cybersecurity field, this discussion is packed with real-world advice and resources you can use right now. Tune in for a timely conversation on the front lines of digital safety—and learn why, when it comes to protecting our kids, awareness and action are more important than ever. Key Moments:  05:00 Digital Image Blacklist Management 08:08 Parental Cybersecurity and Tech Awareness 10:06 Fake Arrest Warrant Scam Alert 13:27 AI Development Concerns and Future 21:13 Online Predator Alert & Teen Safety 25:33 Limits of Facebook Moderation 27:29 Managing Digital Challenges for Parents 30:46 Teen Sextortion Crisis Emerges 33:44 "Saving Kids Amidst Social Media" 42:23 Broken Graphics Card Issue Resolved 45:33 Internet Safety Tips for Parents 49:43 Pause Before Reacting 51:17 Future Concerns and Optimism 56:46 "Essential Curriculum for Schools" About the guest :    John Schimanski Jr. brings more than three decades of experience in physical and cybersecurity, spanning private and public sectors. Beginning his career in 1994, he worked as a physical security specialist protecting super-regional shopping centers in high-crime areas, focusing on stolen vehicles and safety operations. During this time, he earned two master’s degrees—one in Criminal Justice and Security Administration and another in Managing Information Systems—along with a bachelor’s in Business Administration.   He transitioned into cybersecurity in 2007, when ransomware was still a $5,000 payment on a green dot credit card. While working in a small data center, he developed customized web services and interfaces for organizations such as the Las Vegas Motor Speedway and Electric Daisy Carnival (EDC).  

In this episode, host Aaron Crow sits down with cybersecurity leader and National Guard threat hunt team lead Christopher Ross, diving into the real-world experiences that shape careers in the intersecting worlds of IT and OT security. Chris shares his 18-year journey from joining the military with a passion for computers to leading critical infrastructure cybersecurity efforts - both in uniform and in the private sector. Together, Aaron and Chris break down myths about gatekeeping, discuss the unique challenges of military versus civilian roles, and highlight lessons learned along the way. From imposter syndrome to servant leadership, the conversation unpacks how effective communication, continuous training, and the willingness to learn from failure fuel professional growth. Chris also reflects on how military training instills risk mitigation and teamwork, and how those skills can translate - and sometimes clash - with civilian cybersecurity cultures. They talk certifications, hands-on learning, the importance of meaningful tabletop exercises, and the evolving landscape as AI powers both attackers and defenders. Whether you’re a veteran, a fresh analyst, or just passionate about cybersecurity, this honest and energetic exchange will leave you motivated to keep learning, keep growing, and keep protecting it all. So grab your energy drink and tune in for a conversation that proves everyone in cyber, no matter their path, has wisdom worth sharing.   Key Moments:  05:30 Military Adventures Surpass Civilian Opportunities 07:28 Military vs. Civilian Leadership Dynamics 10:42 Clarifying Civilian vs Military Missions 12:22 Leadership: Addressing Miscommunication & Misalignment 15:45 Toxic Leadership and Military Transition 20:01 Reliance on Tools vs. Core Skills 22:29 "Forgotten Skills Fade Over Time" 25:13 Boosting Confidence in New Roles 29:42 Interactive Training and Environmental Protection 32:37 Purple Teaming Strategy Insights 36:15 Persistence in Skill Development 39:04 Soft Skills Matter for Career Growth 42:44 "Technical & Business Acumen Fusion" 44:41 Military: Career Value and Benefits 48:09 "Cyber Education for K-12" Resources Mentioned :  https://www.ransomware.live/ comprehensive resource that tracks and monitors ransomware groups and their activities. https://ransomwhe.re/ tracks ransomware payments by collecting and analyzing cryptocurrency addresses associated with ransomware attacks.  https://www.ransom-db.com/ real-time ransomware tracking platform that collects, indexes, and centralizes information on ransomware groups and their victims.  About the Gu...

In this episode, host Aaron Crow is joined by Kathryn Wang, Principal of Public Sector at SandboxAQ, for a wide-ranging and candid conversation about the critical role AI and quantum technology are playing in today's cybersecurity landscape.  Kathryn and Aaron break down complex concepts like quantum cryptography and the growing risks of deepfakes, data poisoning, and behavioral warfare - all with real-world examples that hit close to home. They dig into why cryptographic resilience is now more urgent than ever, how AI can both strengthen and threaten our defenses, and why your grandma shouldn’t be left in charge of her own data security. From lessons learned in power plants and national defense to the nuances of protecting everything from nuclear codes to family recipes, this episode dives deep into how we can balance innovation with critical risk management.  Kathryn shares practical advice on securing the basics, educating your network, and making smart decisions about what truly needs to be connected to AI. Whether you’re an IT, OT, or cybersecurity professional—or just trying to keep ahead of the next cyber threat - this episode will arm you with insights, strategies, and a little bit of much-needed perspective. Tune in for a mix of expert knowledge, humor, and actionable takeaways to help you protect it all.   Key Moments:    04:02 "Securing Assets in Post-Quantum Era" 07:44 AI and Cybersecurity Concerns 12:26 "Full-Time Job: Crafting LLM Prompts" 15:28 AI Vulnerabilities Exploited at DEFCON 19:30 AI Data Poisoning Concerns 20:21 AI Vulnerability in Critical Infrastructure 23:45 Deepfake Threats and Cybersecurity Concerns 28:34 Question Everything: Trust, Verify, Repeat 33:20 "Digital Systems' Security Vulnerabilities" 35:12 Digital Awareness for Children 39:10 "Understanding Data Privacy Risks" 43:31 "Leveling Up: VCs Embrace Futurism" 45:16 AI-Powered Personalized Medicine About the guest :  Kathryn Wang is a seasoned executive with over 20 years of leadership in the technology and security sectors, specializing in the fusion of cutting-edge innovations and cybersecurity strategies.    She currently serves as the Public Sector Principal at SandboxAQ, where she bridges advancements in post-quantum cryptography (PQC) and data protection with the mission-critical needs of government agencies. Her work focuses on equipping these organizations with a zero-trust approach to securing sensitive systems against the rapidly evolving landscape of cyber threats.   During her 16-year tenure at Google and its incubator Area120, Kathryn drove global efforts to develop and implement Secure by Design principles in emerging technologies, including Large Language Models (LLMs) and Generative AI.   How to connect Kathryn :  https://www.linkedin.com/in/kathryn-wang/ <...

Welcome to another episode of Protect It All, where we dive deep into the world of IT and OT cybersecurity! In this episode, host Aaron Crow sits down with Patrick Gillespie, OT Practice Director at GuidePoint Security, for a candid conversation that's as insightful as it is relatable. Patrick, whose journey has taken him from working in manufacturing and building freight trains to leading OT security initiatives, shares real-world stories about the challenges and realities of protecting operational technology.  Together, Aaron and Patrick discuss the blurred lines between IT and OT, the importance of understanding business priorities in security, and why collaboration rather than heavy-handed mandates makes all the difference in securing critical infrastructure.  Whether you’re a seasoned professional or just getting started in cyber, you’ll come away with practical insights on risk management, building trust with operations teams, and the vital role of mentorship in developing the next generation of OT security experts.  Stay tuned for a grounded, actionable conversation that reminds us all: when it comes to securing the intersection of IT and OT, it’s about more than just technology -it’s about people, process, and the bigger business picture. Key Moments:  05:53 IT and OT System Confusion 07:43 Implementing Fortigate and Managing Risks 11:21 Outdated Systems and Patch Challenges 15:43 Comprehensive Onsite Assessment Toolkit 17:56 AI or Traditional? Balancing Approaches 21:16 "Securing OT: Remote Access and Training" 25:47 Cybersecurity Skill Growth Forecast 26:38 "Mentorship in Cybersecurity Careers" 30:22 Understanding Your Network Setup 35:39 Balancing Security and Accessibility 36:09 Leveraging Operational Team Buy-In 39:27 IT Budget Prioritization for OT Needs 42:44 Challenges in OT Security Adoption 46:56 Tech Growth & Infrastructure Expansion About the Guest :  Patrick Gillespie has spent over 15 years immersed in the world of cybersecurity, with the last three and a half years serving as the OT Practice Director at GuidePoint, a leading value-added reseller specializing in cybersecurity products.  At GuidePoint, Patrick leads a dedicated team of OT engineers focused on securing both operational technology (OT) environments and the rapidly growing array of IoT devices. Recognizing that clients often CISOs may not directly own OT assets or remediation processes, Patrick excels at bridging the gap between IT security leaders and their operational counterparts, such as plant managers and controls engineers.  Through his work, Patrick guides organizations to understand and address the unique challenges of OT security, helping them build collaboration across teams to strengthen their overall cyber defenses. How to connect Patrick :  GuidePoint Security University: https://www.guidep...

In this episode, host Aaron Crow sits down with longtime friend and colleague Scott Rosenberger, the cybersecurity leader for Vistra Corporation’s generation fleet. Together, they take a deep dive into Scott’s fascinating journey from an engineering background in nuclear power to overseeing cybersecurity across a sprawling, nationwide utility portfolio. You’ll hear insightful stories from the early days of OT cybersecurity - before most of today’s tools even existed - and how foundational principles like alignment, engagement, and standardization have driven years of progress.  Scott and Aaron reflect on the importance of building cross-disciplinary teams, developing strong communication strategies, and embracing the reality that real security is about continuous improvement, collaboration, and sometimes learning from mistakes. From tales of rolling out firewalls at power plants and negotiating with skeptical vendors, to lessons in leadership, trust-building, and the ever-evolving challenges of protecting critical infrastructure, this episode is packed with practical wisdom, industry anecdotes, and a look at what’s coming over the cybersecurity horizon. Whether you’re just entering the field or a seasoned pro, grab your headphones - you won’t want to miss this candid, insightful conversation. Key Moments:  04:37 Bridging IT and Cybersecurity 08:40 Revolutionizing Program Development Together 10:08 Building Consensus Through Communication 12:33 "Business Insights and NERC SIP Evolution" 17:18 Utility's Major Implementation Challenge 20:08 Corporate Cybersecurity Challenges Uncovered 21:58 "Automated Inventory and Cybersecurity Insight" 27:21 Optimizing Cybersecurity and Metrics 30:56 Essential Infrastructure Basics Lacking 34:17 "Identifying and Resolving Hidden Issues" 37:21 Encouraging Change in Industrial Practices 42:11 "Finding the Right Team Mindset" 46:11 "Importance of Pre-Job Briefs" About the guest:  Scott Rosenberger is currently the manager of Operational Technology for Luminant.  He developed the Luminant program to address the reliability, security and ongoing maintenance of Operational Technology for Luminant’s Fossil Generation Fleet.  He has a Bachelor of Engineering from Stevens Institute of Technology and is a registered professional Engineer in Texas.  In his 23+ years with Luminant he has worked in nuclear and fossil plants, many corporate roles and for 3 years as Director of IT Security and Compliance.  Scott also spent 3 years as a member of the NERC CIP drafting team. Links to connect Scott:  https://www.linkedin.com/in/scottrosenberger/ Connect With Aaron Crow: Website: www.corvosec.com 

In this episode, Aaron returns from an action-packed week at Black Hat and DEFCON in the sweltering heat of Las Vegas. He shares his firsthand impressions on the changing atmosphere of these legendary conferences, from skyrocketing prices to a slightly thinner crowd, and digs into hot topics like the surge in AI discussions and the ongoing clash of perspectives between IT and OT professionals.  Aaron also highlights the unmatched energy and camaraderie in the DEFCON villages—especially the ICS Village—and offers a sneak peek at exciting upcoming events, such as ResetCon and Lone Star Cyber Shootout.  Whether you’re a conference veteran or just OT-curious, this episode is packed with personal stories, industry trends, and tips for making the most out of these must-attend cybersecurity gatherings. Tune in and get ready to protect it all! Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

Welcome back to Protect It All, the podcast where host Aaron Crow goes beyond the basics of OT to explore the dynamic intersection of IT and OT cybersecurity. In this episode, Aaron takes us inside a hacker summer camp in Las Vegas - home to industry giants Black Hat and DEFCON, where tens of thousands of security professionals gather each year.  Drawing from his years of experience attending these events, Aaron unpacks the good, the bad, and the ugly of the conference circuit: from the value of in-person networking and the buzz of vendor events, to the challenges of ROI, overwhelming hype, and the evolving role of sponsors. Plus, he shares hard-won tips for making the most of Vegas - including how to find your tribe, engage meaningfully with vendors, and stay cool (literally and figuratively) amidst the chaos.  Whether you’re a first-timer or a seasoned attendee, this episode is packed with honest insights and actionable advice to help you navigate the ever-evolving world of cybersecurity conferences. Key Moments:  03:05 Networking’s Importance in Vegas 08:29 Evaluating Black Hat Conference ROI 12:17 "CISOs' Discreet Presence at Vendor Events" 13:22 Buzzword Overload at Conferences 18:40 Relationship-Driven Sales Strategy 21:02 Balancing Conference Costs and Value 25:44 "Prioritize Genuine Leads Only" 27:05 Enhancing Cybersecurity Events Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.a...

In this episode, host Aaron Crow is joined by Kam Chumley-Soltani, Director of OT Security at Armis, for a candid conversation that dives into the ever-evolving landscape of OT (operational technology) and IT cybersecurity. After several rescheduling attempts across time zones and even parking lots, Aaron and Kam finally sit down to share their frontline experiences and insights from the world of critical infrastructure security. From the increasing visibility of OT threats and the surge in regulatory requirements, to the convergence of IT and OT teams, they dig into what’s driving organizations to prioritize real-time visibility, risk management, and collaboration. Kam reflects on his diverse background in the military, at Cisco, Dragos, and now Armis, while Aaron draws on decades of experience leading teams across power plants and utilities in Texas. They both underscore the importance of people, process, and technology - reminding us that even the best tools are only as valuable as the teams that wield them. The discussion explores the challenges smaller utilities face, balancing regulation with limited resources, and the need for cyber-informed engineering from the very start. Plus, they look ahead at the role of AI in cybersecurity, the daisy-chain effects of infrastructure attacks, and the importance of community and continuous learning in keeping ahead of the curve. Whether you’re a cybersecurity veteran, just breaking into OT, or simply want to understand why your electricity bill matters, this episode is packed with anecdotes, practical advice, and a few laughs. So pull up a chair and get ready to protect it all! Key Moments:  03:18 Cybersecurity Developments and Regulatory Changes 06:33 Demand for Consulting and Assessments 09:51 Future of Regulation and Community 13:06 Regulating Small Utilities Challenges 16:41 Cybersecurity in Critical Infrastructure 19:43 Simplifying Complex Issues for All 26:12 Embracing AI in Cybersecurity 27:39 "Embrace Challenges, Educate Yourself" 30:14 Cybersecurity Threats to Infrastructure 34:29 Evaluating Automated Alerting Systems 39:38 Controlled Network Configuration Risks 42:10 Underfunded Team: Multi-Skill Necessity 45:31 "Collective Progress and Contribution" 48:13 "Geopolitical Threats to Infrastructure" About the guest :  Kam Chumley-Soltani serves as the Director of OT Solutions Engineering for the U.S. Public Sector at Armis, where he specializes in industrial cybersecurity. His expertise lies in designing secure and resilient network architectures for critical infrastructure environments. Previously, Kam led Cisco’s OT Solutions Engineering team for the entire U.S. Public Sector, delivering end-to-end solutions across IoT/OT security, network architecture, diverse RF wireless deployments, embedded systems, and edge computing. He has guided numerous global enterprises, federal agencies, and SLED organizations in architecting solutions that incorporate robust networking, cybersecurity controls, advanced threat dete...