After more than 100 conversations about real-world cybersecurity, OT, and AI, the PrOTect IT All Podcast finally has a home base and a new hive.
This newsletter connects the podcast, my new sites at aaroncrow.ai and protectitallpod.com, and a growing community of people responsible for keeping critical systems safe.
Who I Am
I work at the intersection of IT, OT, and cybersecurity, helping organizations protect critical infrastructure and industrial environments while still moving the business forward.
My work spans OT/IT integration, safe AI adoption, and building security programs that leaders actually understand and support. I am a Senior Director at Arcova (formerly MorganFranklin Cyber), CISSP certified, and have spent 25+ years across utilities, manufacturing, and critical infrastructure.
What the Podcast Covers
Across 100+ episodes, PrOTect IT All has focused on what it really takes to protect critical systems and the people who rely on them.
OT and critical infrastructure security: asset inventory, segmentation, end-of-life risk, and safety-first decision-making.
AI and cybersecurity: using AI for defenders, understanding where it empowers attackers, and staying ahead of deepfakes and modern social engineering.
Building real security programs: budgets, soft skills, tabletop exercises, and creating trust between OT, IT, and leadership.
100 Episodes, 5 Big Lessons
Relationships beat tools every time. The best defenses come from aligned teams, not just more products.
The fundamentals still decide outcomes. Visibility, segmentation, backups, MFA, monitoring, and practice.
OT is different on purpose. You cannot secure plants and grids like a typical office network.
AI is a double-edged sword. It can automate the work and amplify the threats.
Small and midsize orgs are on the front line. Attackers do not care about your headcount.
This Week in Cyber: CISA Warns of Active PLC Attacks
This is exactly why we do the podcast. On April 7, CISA issued an advisory warning that Iranian threat actors are actively targeting Rockwell Automation/Allen-Bradley PLCs across U.S. critical infrastructure. They are manipulating project files, tampering with HMI and SCADA displays, and causing real operational disruption and financial loss.
The key takeaways from the advisory:
Internet-facing PLCs are being exploited right now. Actors are using common OT ports (44818, 2222, 502) and tools like Studio 5000 to access exposed controllers.
Display manipulation is the new weapon. Operators may be making decisions based on false process readings. This is not just a cyber issue. It is an operations integrity issue.
The fixes are not exotic. Disconnect PLCs from the public internet. Restrict remote access behind MFA gateways. Back up and verify project files offline. Disable unused services.
If this sounds familiar, it should. We have covered this exact threat pattern across multiple episodes:
Ep 96: Poland's Power Grid Cyberattack covers what renewable energy infrastructure attacks teach us about OT security risks.
Ep 94: Compliance Isn't Security breaks down why NERC CIP alone does not catch the gaps in OT network monitoring that this CISA advisory exposes.
Ep 91: OT Remote Access After COVID explains why IT remote access tools fail in OT environments and what critical infrastructure actually needs.
Ep 93: OT Cybersecurity That Works walks through tabletop exercises, critical controls, and building trust, exactly the playbook for responding to this kind of threat.
More From the Field
Dragos 2026 OT Report: Only 30% of OT networks have visibility. 88% struggle with detection and response. Three new threat groups emerged this year, and adversaries are now mapping control loops to understand how to manipulate physical processes. Read the full report.
IBM X-Force 2026: 44% increase in attacks starting from public-facing application exploits. Vulnerability exploitation is now the #1 initial access vector (40% of incidents). Supply chain compromises nearly quadrupled since 2020. Read the findings.
AI as Critical Infrastructure: The World Economic Forum is now calling for AI compute to be treated as critical infrastructure in law and security architecture, after Iranian drones struck AWS facilities in the Gulf region. Read the analysis.
This is designed to be short, practical, and worth forwarding to your team. You can expect:
Episode breakdowns with 3 key takeaways you can turn into action.
Briefs on OT threats, AI risks, and incidents impacting critical infrastructure and SMEs.
Simple playbooks, prompts, and checklists you can reuse in meetings and tabletop exercises.
Your Next Step
Hit reply and tell me two things:
Your role (CISO, OT engineer, founder, plant manager, etc.)
The biggest security problem you are trying to solve this year.
Those answers will shape what shows up in your inbox and on future episodes.
Thanks for joining the PrOTect IT All hive.
Aaron Crow