In this episode of the Industrial Cybersecurity Insider, host Dino sits down with Dan Cartmill, Sr. Global Product Marketing Director for TXOne Networks, to discuss the often misunderstood world of OT vulnerability management.

Dan brings a unique perspective, having started as a practitioner 17 years ago, before transitioning to the vendor side. The conversation explores why simply creating a list of vulnerabilities isn't enough – and what organizations should actually be doing to reduce risk in their OT environments.

Chapters:

• 00:00:00 - Introduction and Dan's Background
• 00:02:00 - Biggest Misconceptions About OT Vulnerability Management
• 00:04:00 - Blind Spots in OT Vulnerability Scanning
• 00:07:00 - Finding Vulnerabilities: OT vs IT Differences
• 00:10:00 - Proactive Approaches to Unknown Vulnerabilities
• 00:12:00 - How TX One Addresses Vulnerabilities Non-Disruptively
• 00:15:00 - Virtual Patching and Operations-First Philosophy
• 00:18:00 - IT/OT Convergence and Team Collaboration
• 00:21:00 - Building Relationships with Third-Party Partners
• 00:23:00 - Tabletop Exercises and Incident Response Planning
• 00:26:00 - Key Takeaway: Never Forget Your Original Objectives
• 00:28:00 - Dealing with Event Overload and Zero-Day Vulnerabilities

• Dan Cartmill on LinkedIn
• TXOne Networks
• Dino Busalachi on LinkedIn
• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Craig Duckworth on LinkedIn