All Time Favorite Podcast Episodes: Andrew Ginter’s Top Picks

Five of Andrew's favorite podcasts to enjoy as 2023 comes to an end, and 2024 begins.
Waterfall team

Waterfall team

Top 5 Podcast Episode - Happy Holidays

I was asked to put a few words together about my favorite Industrial Security Podcast episodes of all time. I scanned the complete list at https://waterfall-security.com/podcast and came up with these five. The first four were episodes that contributed materially my thinking & the formation of sections and chapters in my latest “gold” book Engineering-Grade OT Security: A manager’s guide.

The fifth didn’t really fit the gold book, but I’m mulling the episode over for possible inclusion in my next book, if there is one. The gold book was all about risk in the context of individual organizations. For the future, I’m wondering if the world needs a bigger picture book of where OT cyber risk fits into the context of “all risks” that modern societies face, from nuclear war and EMPs to massive solar storms and global warming. I dunno for sure, please let me know what you think. 

“If you have time over the Christmas break and are looking for a podcast or five to make you think – full of ideas that will challenge your current understanding of the OT/industrial security space – these are the episodes I recommend.”

My top five episodes:

Episode #28: Unhackable Safeguards with James McGlone

James is a co-author of Security PHA Reviewa brilliantly-written book on using Process Hazard Analysis / HAZOP spreadsheets & concepts to improve cybersecurity with unhackable / engineering-grade mitigations.

 

 

 

Episode #68: Capabilities vs. Probabilities with Mark Fabro
Mark explains capabilities-based risk vs. older and murkier likelihood-based models, and uses capabilities to introduce cyber Design-Basis Threat (cDBT) – a way to eliminate “risk-based” hand waving.

 

Episode #85: Cyber Insurance is Changing Fast with Georgina Williams

Georgina walks us through changes in the insurance industry triggered by NotPetya and the $1.4 billion USD Merck Pharma payout. For many, OT cyber insurance is not the “one stop” solution it once was.

 

Episode #100: Engineering-Grade Security in the CIE Strategy with Cheri Caddy
Cheri led the US DOE / INL Cyber-Informed Engineering Strategy. Feedback I’ve heard from practitioners suggests the CIE Strategy might just be the single best thing to happen to OT cybersecurity, ever.

 

Episode #96: Consequences Matter with Danielle Jablanski
Danielle walks us through the very big picture. It is not just worst-case consequences that determine government policy & regulations, but also society’s ability to respond to different kinds of worst-case attacks.

 

If you have time over the holidays and are looking for a podcast (or five) to make you think – full of ideas that will challenge your current understanding of the OT/industrial security space – these are the episodes I recommend.

Share

Stay up to date

Subscribe to our blog and receive insights straight to your inbox