OT Cybersecurity That Works: Tabletop Exercises, Critical Controls & Building Trust

You can’t secure OT environments with checklists alone - you secure them with trust, clarity, and focused action.

In this episode of Protect It All, host Aaron Crow sits down with OT security expert Dean Parsons to unpack what actually improves cybersecurity maturity in manufacturing, water, and wastewater environments. From remote access blind spots to outdated network architecture, they explore the practical gaps many organizations face - and how to fix them without massive budgets.

A central theme? Tabletop exercises. Not as a compliance checkbox - but as a powerful tool to build collaboration between IT and OT teams, clarify roles, and stress-test real incident response plans before a crisis hits.

You’ll learn:

• Why tabletop exercises accelerate OT maturity
• The importance of trust between engineers and IT teams
• How focusing on the SANS 5 Critical Controls drives meaningful progress
• Why visibility and architecture matter more than shiny tools
• How to improve OT security without overwhelming teams or budgets
• The human and process factors that determine response success
  
  

Whether you’re leading OT security, managing critical infrastructure, or trying to bridge IT and engineering teams, this episode delivers practical, experience-backed strategies you can implement immediately.

Tune in to learn how to strengthen OT security through people, process, and purposeful action - only on Protect It All.

Key Moments: 

03:57 "Improved IT-OT Collaboration Tabletops"

08:57 "ICS Security Priorities"

12:16 "Accelerating ICS Cybersecurity Programs"

15:07 Trusted Expertise Builds Credibility

17:28 "Engineering Role in Incident Response"

20:53 "Cybersecurity: Tabletops Gain Traction"

26:34 "Control Systems, Protocol Abuse Insights"

27:51 Secure Architecture Enables Network Visibility

33:07 "Targeted Network Monitoring Essentials"

35:23 Prioritize Critical Assets Strategically

37:50 "Bridging IT and OT Expertise"

41:56 Critical Infrastructure Security Risks

44:30 ICS Leadership and Threat Strategy

48:14 "Power Plant Walkthrough Insights"

52:02 Critical Cyber Asset Management

57:29 "SANS Courses: Essential and Valuable"

About the guest : 

Dean Parsons is a SANS Principal Instructor and the CEO and Principal Consultant of ICS Defense Force. Over the past two decades, Dean has built and led industrial cyber defense programs, conducted incident response and digital forensics in live plants and partnered with operators and engineers to maintain both safety and uptime across major industrial sectors.

He helps organizations align investment and policy decisions with operational priorities, developing risk metrics and tabletop exercises that unify operations, engineering, and cybersecurity so organizations in any industrial sector can prioritize and measure what matters.

How to connect Dean : https://www.linkedin.com/in/dean-parsons-cybersecurity

Connect With Aaron Crow:

• Website: www.corvosec.com 
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: [email protected] 
• Website: https://protectitall.co/ 
• X: https://twitter.com/protectitall 
• YouTube: https://www.youtube.com/@PrOTectITAll 
• FaceBook:  https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4