Skip to content

S2 E7 – The Ghost in the Machine: Why Operational Technology is Everyone’s Blind Spot

We spend billions securing our IT. But the operational technology running our physical world sits in the blind spot. Until someone breaks in.

There’s a machine in your building controlling something physical right now. It’s probably connected to the internet. And you definitely don’t know it’s there.

Operational technology (the systems running our HVAC, medical devices, building access, and production lines) sits in the biggest blind spot in cybersecurity. We patch our laptops every Tuesday. These systems haven’t been updated in a decade.

In this episode, we sit down with Amy Brooks, a chartered engineer with 15 years defending OT across healthcare, manufacturing, and critical infrastructure, and James Smith, a CovertSwarm Hive Leader who specializes in attacking these systems before real adversaries do.

What you’ll hear:

  • Why that “smart” building you moved into is full of inherited vulnerabilities nobody documented
  • How attackers pivot from a basic phishing email to controlling your production floor
  • Why you can’t patch OT the way you patch IT
  • What offensive OT testing actually looks like (hint: it’s about paths, not payloads)

This episode won’t panic you. It’ll show you what’s actually at risk and what you can do about it.