When the Grid Gets Hit: Inside OT Incident Response in Energy & Renewables
00:00 Introduction to Cybersecurity in Energy 02:44 Derrick's Journey into Cybersecurity 05:25 The Importance of Cybersecurity in Energy 08:05 Balancing New Technologies and Legacy Systems 10:44 AI's Role in Cybersecurity 13:16 Incident Response in Energy Sector 15:56 Compliance and Regulatory Challenges 18:38 The Impact of Renewable Energy on Cybersecurity 21:19 Future of Cybersecurity in Energy 22:55 The Importance of Security in Renewable Energy 28:14 Security by Design vs. Security by Demand 31:31 Cybersecurity Risks in New Energy Technologies 37:45 Investing in Operational Technology for Cybersecurity In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and special guest Derrick Bethea, NERC Compliance Manager and OT Cybersecurity Leader at Cypress Creek Energy, for an inside look at how utilities and renewable energy operators prepare for, respond to, and recover from cyber incidents. Drawing on years of experience securing operational technology (OT) environments, Derrick explains why incident response plans must be tested—not just documented—and how organizations navigate the complex intersection of cybersecurity, regulatory compliance, and operational resilience. Joe explores how AI is changing both cyber defense and attacker capabilities, why legacy infrastructure presents unique security challenges, and how security-by-design and security-by-demand must work together to strengthen the energy sector. Together, Joe and Derrick discuss: • Why OT incident response differs from traditional IT security • The realities of NERC CIP compliance and regulatory reporting • How AI is accelerating vulnerability discovery across critical infrastructure • Why security must be part of procurement and engineering decisions • The importance of testing incident response plans before an emergency occurs • How utilities can balance innovation with operational resilience Whether you secure power generation, renewable energy assets, industrial control systems, or other critical infrastructure, this episode offers practical lessons for strengthening cyber resilience before the next incident occurs. RunSafeSecurity.com

From Distress to Resilience: Guidance on Severe Tinnitus with Bruce Hubbard, PhD

Russia Hid $400M Under This Forest… Ukrainian Missiles Found It and DESTROYED It

The Cyber-Physical Truth: What We Get Wrong About Attacks on Critical Infrastructure

They Knew 432 Park Avenue Would Crack Before They Built It

The SECRET to Making PROFIT in Power-Only Trucking in 2025

Don't Hang Up On AI Scammers. Do THIS Instead.

Top 20 Most Quotable Monty Python Moments

You Can’t Patch Your Way Out of This: What Mythos Means for the Future of Cybersecurity

DIY Portable Air Conditioner: Cool or Heat Your Home!

Seeing the Invisible: Asset Discovery, Segmentation, and the Reality of OT Security

Incredible Process of 24k Pure Gold Extraction From Old PC RAM | How to Make Gold Into RAM

John Mearsheimer: “Enormous Damage” of U.S.’s Iran War Loss

Volt Typhoon and the Risk to Critical Infrastructure

The Real Reason Putin Invaded Ukraine — Sir Bill Browder

From Compliance to Resilience: Securing Digital Mission Systems at Military Scale

The Tiny 1.9MB Tool That's Making Microsoft's Worst Nightmare Come True — And Millions Are Using It

No Boss, No Money: The Raw Reality of China’s Gen-Z Freelancers

Yann LeCun Says LLMs Have 2 Years Left…

The Big Short (2015): The Jenga Scene – Explaining the Financial Collapse

