PrOTect It All

Aaron Crow
  • 5.0 (7)
  • TECHNOLOGY
  • UPDATED WEEKLY

Welcome to "PrOTect It All," the podcast where we peel back the layers of cybersecurity to reveal the core strategies, challenges, and triumphs of protecting our digital and operational landscapes. We're thrilled to have you on board for an upcoming episode! Your insights and experiences are invaluable to our listeners who are eager to learn and engage with the leading minds in IT and OT security. As we gear up to dive into conversation, please feel free to share any specific topics or stories you'd like to discuss. Our audience appreciates both the technical deep-dives and the high-level overviews, so bring your unique perspective, and let's make cybersecurity accessible and engaging together. Thank you for joining us on this journey to foster a more secure future. We can't wait to hear your voice on the "PrOTect It All" podcast!

  1. Compliance Isn’t Security: NERC CIP 15 and the Real Gaps in OT Network Monitoring

    3D AGO

    Compliance Isn’t Security: NERC CIP 15 and the Real Gaps in OT Network Monitoring

    Passing an audit doesn’t mean you’re secure. In this episode of Protect It All, host Aaron Crow dives into one of the biggest misconceptions in operational technology: the belief that compliance equals protection. Using NERC CIP 15 as a real-world case study, Aaron explores why meeting regulatory requirements is only the starting point - not the finish line. A major focus of this conversation is OT network monitoring, especially the often-overlooked east-west traffic inside your environment. Many organizations monitor perimeter traffic while internal blind spots remain wide open. You’ll learn: Why compliance frameworks don’t automatically create security The real challenges of implementing NERC CIP 15 at scale Why internal network visibility (east-west monitoring) matters How to establish meaningful baselines in legacy OT environments The difference between audit success and operational resilience Why architecture, tooling, and skilled personnel must work together Whether you’re working in utilities, manufacturing, or critical infrastructure, this episode provides practical guidance on how to move beyond checklists and build security programs that truly reduce risk. Tune in to learn how to transform compliance requirements into real operational protection - only on Protect It All. Key Moments:  00:00 OT Security Blind Spots 05:15 "OT Security and Monitoring Challenges" 10:41 Aging Switches and Monitoring Challenges 13:16 OT Protocols and Infrastructure Challenges 15:42 "IT vs OT: Complexity Challenges" 18:03 "Balancing Compliance and Security" 21:57 Securing Critical Infrastructure Spaces Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

    23 min
  2. OT Cybersecurity That Works: Tabletop Exercises, Critical Controls & Building Trust

    FEB 16

    OT Cybersecurity That Works: Tabletop Exercises, Critical Controls & Building Trust

    You can’t secure OT environments with checklists alone - you secure them with trust, clarity, and focused action. In this episode of Protect It All, host Aaron Crow sits down with OT security expert Dean Parsons to unpack what actually improves cybersecurity maturity in manufacturing, water, and wastewater environments. From remote access blind spots to outdated network architecture, they explore the practical gaps many organizations face - and how to fix them without massive budgets. A central theme? Tabletop exercises. Not as a compliance checkbox - but as a powerful tool to build collaboration between IT and OT teams, clarify roles, and stress-test real incident response plans before a crisis hits. You’ll learn: Why tabletop exercises accelerate OT maturity The importance of trust between engineers and IT teams How focusing on the SANS 5 Critical Controls drives meaningful progress Why visibility and architecture matter more than shiny tools How to improve OT security without overwhelming teams or budgets The human and process factors that determine response success Whether you’re leading OT security, managing critical infrastructure, or trying to bridge IT and engineering teams, this episode delivers practical, experience-backed strategies you can implement immediately. Tune in to learn how to strengthen OT security through people, process, and purposeful action - only on Protect It All. Key Moments:  03:57 "Improved IT-OT Collaboration Tabletops" 08:57 "ICS Security Priorities" 12:16 "Accelerating ICS Cybersecurity Programs" 15:07 Trusted Expertise Builds Credibility 17:28 "Engineering Role in Incident Response" 20:53 "Cybersecurity: Tabletops Gain Traction" 26:34 "Control Systems, Protocol Abuse Insights" 27:51 Secure Architecture Enables Network Visibility 33:07 "Targeted Network Monitoring Essentials" 35:23 Prioritize Critical Assets Strategically 37:50 "Bridging IT and OT Expertise" 41:56 Critical Infrastructure Security Risks 44:30 ICS Leadership and Threat Strategy 48:14 "Power Plant Walkthrough Insights" 52:02 Critical Cyber Asset Management 57:29 "SANS Courses: Essential and Valuable" About the guest :  Dean Parsons is a SANS Principal Instructor and the CEO and Principal Consultant of ICS Defense Force. Over the past two decades, Dean has built and led industrial cyber defense programs, conducted incident response and digital forensics in live plants and partnered with operators and engineers to maintain both safety and uptime across major industrial sectors. He helps organizations align investment and policy decisions with operational priorities, developing risk metrics and tabletop exercises that unify operations, engineering, and cybersecurity so organizations in any industrial sector can prioritize and measure what matters. How to connect Dean : https://www.linkedin.com/in/dean-parsons-cybersecurity Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X:

    59 min
  3. Pen Testing Reality Check: Why Cybersecurity Fundamentals Still Matter More Than AI

    FEB 9

    Pen Testing Reality Check: Why Cybersecurity Fundamentals Still Matter More Than AI

    Shiny tools don’t break attackers in basic mistakes. In Episode 92 of Protect It All, host Aaron Crow sits down with Corey LeBleu, founder of Relix Security and seasoned penetration tester, for a candid look at what actually causes organizations to get compromised and why fundamentals still matter more than the latest security trends. Drawing from years of red-team and penetration-testing experience, Corey shares real stories from the field: forgotten printers, unmanaged IoT devices, legacy systems no one owns anymore, and misconfigurations hiding in plain sight. Together, Aaron and Corey unpack why asset visibility, patching, and change management continue to be the weakest links - even as AI and automation enter the security conversation. You’ll learn: Why old printers, IoT devices, and “temporary” systems are prime attack paths What most organizations misunderstand about pen testing and red teaming How poor asset inventory and change management undermine security programs The real risks behind shadow IT and unmanaged tools Where AI helps in pen testing and where experience still wins Why mastering the basics beats chasing new security gadgets every time Whether you’re a security professional, IT leader, or someone looking to break into cybersecurity, this episode delivers practical, no-nonsense lessons from the front lines - focused on what actually reduces risk. Tune in to hear why cybersecurity success still starts with the fundamentals - only on Protect It All. Key Moments:  03:57 Critical Infrastructure: Finding Vulnerabilities 06:44 "Cyber Risks from Hidden Devices" 11:25 Cybersecurity: Focus on Basics 16:09 Complex Systems Demand Continuous Testing 18:17 Understanding Complex System Security 22:54 "Testing: External vs. Internal" 24:12 Enterprise Challenges with AI Integration 27:40 AI Lowers Barriers for Hacking About the guest :  Corey LeBleu has built a career around application security testing, becoming deeply involved in integrating vulnerability assessments throughout the software testing lifecycle. Noticing shifts in industry practices, Corey observed major international financial institutions moving to routinely pentest every application- even legacy IBM systems - leading the way in robust cybersecurity practices. In contrast, Corey also highlights the challenges faced by manufacturing, where operational technology often suffers from outdated, vulnerable systems. Corey’s experience showcases the evolving landscape of application security, emphasizing the need for continuous testing and vigilance across diverse industries. How to connect Corey : https://www.linkedin.com/in/coreylebleu/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast

    34 min
  4. OT Remote Access After COVID: Why IT Tools Fail and What Critical Infrastructure Needs Now

    FEB 2

    OT Remote Access After COVID: Why IT Tools Fail and What Critical Infrastructure Needs Now

    Remote access transformed overnight - and OT environments are still feeling the impact. In this episode of Protect It All, host Aaron Crow is joined by Steve Rutherford, VP of Sales at Hyperport and former military officer, for a candid conversation on how secure remote access in operational technology (OT) has evolved - and where it’s heading next. They unpack how COVID accelerated remote connectivity across critical infrastructure, why many traditional IT security tools fall short in OT environments, and what protection really looks like when safety, reliability, and uptime are non-negotiable. Drawing from military discipline and frontline OT experience, Steve shares a grounded perspective on managing risk in environments where failure has physical-world consequences. You’ll learn: How COVID permanently changed OT remote access expectations Why IT-first security approaches don’t translate well to OT The role of layered access controls and policy-driven permissions How dynamic access and trust scoring are reshaping OT security Where IT/OT convergence helps - and where it creates new risk What leaders must prioritize to balance access, safety, and resilience If you’re responsible for enabling remote access while protecting critical operations, this episode delivers real-world insight, practical guidance, and a forward-looking view of OT cybersecurity. Tune in to understand what secure OT access really requires in today’s threat landscape- only on Protect It All. Key Moments:  00:00 Securing Critical Infrastructure Access 03:59 "OT Mindset: Defense and Offense" 07:26 "Remote Access Challenges in Operations" 11:45 "Challenges in OT-IT Integration" 16:07 Authority Must Match Responsibility 18:23 Simplifying OT Authentication Challenges 21:53 "Dynamic Trust Scoring with AI" 24:05 "Access Control and Segmentation" 28:57 "Secure Access Without Overreach" 33:12 "Left of Boom Awareness" 35:56 OT Security and Local Control 39:35 "Driving Early Adoption Awareness" 41:54 "Proactive Support for Critical Infrastructure" 45:52 "Remote Work Enhances Team Efficiency" 47:17 "Exciting Tech for Cybersecurity" About the guest : Steve Rutherford is a former U.S. Army officer and aviator who transitioned his mission-driven mindset from military service to protecting critical infrastructure through operational technology (OT) security. After exploring multiple industries, Steve found a natural alignment between military operations and OT environments - where safety, reliability, and uptime are non-negotiable. Today, he works in secure user access for OT, helping organizations protect the systems that power modern life. How to connect steve :  Website : https://hyperport.io/ Linkedin: https://www.linkedin.com/in/steverutherford1/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall

    50 min
  5. Securing Remote Access in OT: Visibility, Segmentation, and What Compliance Misses

    JAN 19

    Securing Remote Access in OT: Visibility, Segmentation, and What Compliance Misses

    Remote access is no longer optional in OT - but unmanaged connectivity is one of the fastest ways to lose control of critical systems. In this episode of Protect It All, host Aaron Crow breaks down the real challenges of securing connectivity across IT and OT environments. As vendors, technicians, and support teams increasingly rely on remote access, many organizations struggle with poor visibility, legacy systems, and unclear network boundaries - creating unnecessary risk. Aaron walks through newly released secure connectivity guidance from CISA and the UK National Cyber Security Centre, translating an eight-point framework into practical, real-world steps that security and operations teams can actually implement. You’ll learn: Why remote access is one of the biggest OT risk multipliers How poor visibility creates blind spots attackers love Why asset inventory and documentation are foundational - not optional How segmentation and least-privilege design shrink the attack surface What compliance frameworks get right - and what they don’t Best practices for vendor access, MFA, session recording, and monitoring How to design secure connectivity without breaking operations Whether you’re responsible for OT security, managing vendors, or bridging IT and OT teams, this episode delivers actionable guidance to help you regain control of connectivity and protect critical infrastructure. Tune in to learn how to secure access without sacrificing operations - only on Protect It All. Key Moments:  01:11 "Secure Connectivity in OT" 05:10 "Reducing Attack Surface Through Access Limits" 10:02 "Control System Upgrade Failure Impact" 12:00 Beyond Passwords: Strengthening Security 17:16 "Strengthening Cybersecurity Basics" 18:26 "Balancing Compliance and Security" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

    20 min
  6. Small Business Cybersecurity: Practical Steps to Survive Big Threats on a Small Budget

    JAN 12

    Small Business Cybersecurity: Practical Steps to Survive Big Threats on a Small Budget

    Small businesses aren’t too small to be targeted; they're often the first targets. In this episode of Protect It All, host Aaron Crow breaks down what cybersecurity really looks like for small and medium-sized businesses with limited resources. With nearly half of all cyberattacks aimed at SMBs and many companies never recovering, this episode focuses on what actually matters when budgets, time, and teams are tight. Aaron cuts through fear-based messaging and tool overload to share simple, affordable steps that can dramatically reduce risk without requiring a full security team or enterprise spend. You’ll learn: Why small businesses are prime cyber targets The most common mistakes that lead to catastrophic loss How basic policies and employee awareness stop most attacks Why multi-factor authentication, backups, and segmentation are non-negotiable How to prioritize cybersecurity when resources are limited Why resilience not perfection is the real goal Whether you’re a founder, business owner, or IT lead at a growing company, this episode gives you practical guidance you can act on immediately before a cyber incident forces your hand. Tune in to learn how to protect your business, your data, and your future only on Protect It All. Key Moments:  03:37 Cybersecurity Risks for Small Businesses 08:06 System Security and Backup Essentials 12:21 Cybersecurity: Prepare, Monitor, Survive 14:21 Efficient Device Monitoring Simplified 19:31 "Three-Two-One Backup Strategy" 20:20 "Planning Left of Bang" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

    26 min
  7. Cybersecurity Success in 2026: Why Planning Early and Investing in People Wins

    JAN 5

    Cybersecurity Success in 2026: Why Planning Early and Investing in People Wins

    Great cybersecurity programs aren’t built in a panic - they’re built through early planning, trusted relationships, and consistent execution. In this kickoff episode for 2026 of Protect It All, host Aaron Crow shares practical, real-world guidance on how cybersecurity leaders can avoid last-minute scrambles and instead build momentum that lasts all year. Drawing from years of experience across IT and OT environments, Aaron explains why people, trust, and planning matter more than any single tool or technology. This episode dives into how successful teams think ahead, budgeting wisely, engaging stakeholders early, and creating space for learning, networking, and collaboration beyond spreadsheets and ROI metrics. You’ll learn: Why starting early is the most underrated cybersecurity advantage How trust and relationships accelerate security programs Why investing in people over tools delivers better outcomes How to avoid procrastination and year-end panic The role of networking, conferences, and peer learning in long-term success How diversity, challenge, and momentum strengthen security teams What leaders should prioritize to make 2026 a year of progress - not firefighting Whether you’re planning budgets, building teams, or refining IT/OT security strategy, this episode delivers actionable guidance to help you move from intention to execution. Tune in and learn how to build a cybersecurity program that works all year long - only on Protect It All. Key Moments:  03:51 "Planning for Unforeseen Challenges" 09:02 "AI Automation: Challenges and Expectations" 10:21 "Budgeting: The Importance of Buffers" 16:16 "Diversity in Problem-Solving Approaches" 17:53 "Understanding Perspectives and Future Goals" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

    22 min
  8. AI Isn’t the Answer: Why Cybersecurity Fundamentals Still Decide OT and IT Success

    12/29/2025

    AI Isn’t the Answer: Why Cybersecurity Fundamentals Still Decide OT and IT Success

    AI is everywhere - but it won’t fix broken cybersecurity foundations. In this end-of-year wrap-up episode of Protect It All, host Aaron Crow takes a hard look at the growing hype around AI in cybersecurity and explains why fundamentals still matter more than any shiny new tool, especially in OT environments. Drawing from real-world experience and industry observations, Aaron challenges the belief that AI can compensate for missing basics like asset inventory, network segmentation, and clear ownership. He reframes AI as a powerful assistant not a savior and warns against the risks of rushing into automation without understanding what you’re protecting in the first place. You’ll learn: Why basic cybersecurity hygiene still determines success or failure How AI fits best when foundations are already in place The dangers of shadow AI in OT and industrial environments Why asset visibility and segmentation remain non-negotiable How leaders should think about AI as a support tool - not a shortcut What OT and IT teams should prioritize heading into 2026 Whether you’re closing out the year or planning ahead, this episode delivers a grounded, experience-driven perspective on building resilient cybersecurity programs—without chasing hype. Tune in to hear why mastering the basics is still the smartest cyber strategy - only on Protect It All. Key Moments:  03:32 "Technology Complexity vs. Practicality" 09:33 "AI as an Entry-Level Intern" 12:29 "AI: A Powerful Team Tool" 16:24 "AI Alone Won't Fix Cyber" 19:34 "Mastering Basics Before AI Integration" 21:46 "Shadow AI and Resilience" 25:26 "Addressing Gaps and Ownership" 30:27 "Foundations Matter for Success" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

    33 min
See All (94)

Ratings & Reviews

5
out of 5
7 Ratings

About

Welcome to "PrOTect It All," the podcast where we peel back the layers of cybersecurity to reveal the core strategies, challenges, and triumphs of protecting our digital and operational landscapes. We're thrilled to have you on board for an upcoming episode! Your insights and experiences are invaluable to our listeners who are eager to learn and engage with the leading minds in IT and OT security. As we gear up to dive into conversation, please feel free to share any specific topics or stories you'd like to discuss. Our audience appreciates both the technical deep-dives and the high-level overviews, so bring your unique perspective, and let's make cybersecurity accessible and engaging together. Thank you for joining us on this journey to foster a more secure future. We can't wait to hear your voice on the "PrOTect It All" podcast!

Information

  • Creator
    Aaron Crow
  • Years Active
    2024 - 2026
  • Episodes
    94
  • Rating
    Clean
  • Copyright
    © 2024
  • Show Website
    PrOTect It All

You Might Also Like