Drawing on their frontline experience in cyber operations and resiliency engineering, Mario and Matt explain why embedded systems demand a fundamentally different approach to cybersecurity. From limited patching capabilities and long system lifecycles to unique hardware and firmware attack vectors, traditional IT security models fall short in these environments.

Together, they discuss:

• Why embedded systems are often overlooked in cybersecurity strategies
• How attackers exploit firmware, hardware interfaces, and air-gapped environments
• The challenges of securing systems that must remain operational for decades
• The role of MITRE’s embedded threat matrix (ESTEEM) in mapping adversary behavior
• Why resilience—not just prevention—is key to defending critical infrastructure

From industrial control systems to national defense, this episode reveals what it takes to secure the technologies that quietly underpin modern society and why the time to act is now.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Joe Slowik, Director of Cybersecurity Alerting Strategy at Dataminr, to discuss one critical question: Does AI actually reduce vulnerability risk or just accelerate the conflict?

With a background including MITRE ATT&CK, Dragos, Los Alamos National Laboratory, and U.S. government offensive operations, Slowik offers a dual-lens perspective on how AI is reshaping both sides of cybersecurity.

Together, they explore:

• How AI is increasing the velocity of vulnerability discovery and exploitation
• Why attackers may benefit from “good enough” AI outputs, while defenders require precision
• The rise in CVEs and why more vulnerabilities doesn’t necessarily mean worse security
• The growing risk in OT, IoT, and unmanaged edge devices
• Why AI is a powerful tool—not a magic bullet—and what that means for defenders

From enterprise security teams to critical infrastructure operators, this episode breaks down what security leaders must understand to stay ahead in an AI-accelerated threat landscape.

Together, they unpack the risks and responsibilities that come with AI-generated code. While AI can accelerate development and automate tedious tasks, it can also introduce defects, expand the attack surface, and create a dangerous illusion of completeness. Unlike human engineers, AI cannot explain intent, reason about long-term system behavior, or take accountability when systems fail.

Joe and Jacob discuss how engineering teams can safely integrate AI into development workflows without sacrificing security, reliability, or accountability, especially in systems that must operate safely for years in the field.

In this episode, they explore:

• Why AI-generated code can introduce hidden vulnerabilities and complexity
• The accountability challenge: who owns the risk when AI writes the code?
• How AI output should be treated as untrusted code by default
• Why rigorous testing, validation, and security reviews still matter
• Practical ways engineering teams can use AI responsibly in embedded development

For engineers, security leaders, and product teams navigating AI adoption in embedded systems, this episode offers practical insights into how to move faster with AI without weakening trust in the systems you build.

From continuous monitoring and secure-by-design development to Software Bills of Materials (SBOMs) and vulnerability transparency, the conversation examines what it takes to build trust in embedded and operational technology (OT) systems, especially as regulators sharpen their focus and nation-state threats grow more sophisticated.

Together, they explore:

• Why compliance should cover people, processes, and technology—not just policies
• How NIST frameworks are shifting from checklists to operational rigor
• The growing importance of SBOMs in supply chain transparency
• How AI is reshaping both cyber defense and attacker capability
• What new regulatory pressure (including the EU Cyber Resilience Act) means for manufacturers

Whether you build embedded systems, ship software to government agencies, or manage critical infrastructure, this episode offers practical insight into building compliance programs that strengthen security and earn trust.

Mike shares what he repeatedly finds during assessments of large OT and ICS networks: no effective firewall between IT and OT, flat networks with little segmentation, stale Windows domains, shared engineering credentials, exposed HMIs, and OT protocols that will accept commands from any reachable host. He explains how attackers move from IT into OT using familiar enterprise techniques before pivoting into PLCs, RTUs, safety systems, and historians.

Joe outlines why secure-by-design practices, higher software quality, and “secure by demand” procurement are critical to long-term resilience—especially as cloud connectivity and AI accelerate modernization in industrial environments.

Together, they explore:

• Why a missing or misconfigured IT/OT firewall remains the most common and dangerous gap
• How micro-segmentation and unidirectional architectures reduce blast radius
• The risks of web-enabled HMIs and long-lived legacy systems
• Why monitoring PLC programming traffic and historian queries matters
• How the Cyber Resilience Act is reshaping accountability for OT vendors

If you’re responsible for industrial operations, plant uptime, or product security, this episode shows how attackers actually move through OT environments—and how to eliminate the mistakes they depend on.

The conversation goes beyond debates about “open vs. proprietary” to explore how a single library can quietly introduce sprawling dependency chains, unclear maintenance responsibilities, licensing obligations, and long-term security exposure,  especially in devices expected to operate for years or decades.

Elecia and Joe share guidance for using open source intentionally, including how to set guardrails early, limit dependency blast radius, and design systems that can respond when vulnerabilities emerge, even when patching isn’t easy.

Together, they cover:

• Why embedded teams don’t get burned by open source, they get burned by unexamined dependencies
• How transitive dependencies and “helpful” packages quietly expand attack surface
• Why professionalism, documentation, and disclosure practices signal trustworthy projects
• Why build-time SBOMs matter more than after-the-fact analysis
• How Secure by Design thinking reduces reliance on emergency patching

For embedded engineers, product leaders, and security teams balancing delivery pressure with long-lived risk, this episode offers advice for using open source without inheriting future incidents.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and Hemanth Tadepalli, Senior Cybersecurity & Compliance SME at May Mobility, for a practical discussion on what cyber resilience looks like inside real-world autonomous vehicle programs.

Hemanth draws on his experience securing mobility systems at May Mobility, as well as prior work with Mandiant, Google, and AlixPartners, to explain how automotive organizations are adapting to software-defined vehicle architectures, regulatory pressure, and expanding attack surfaces. Joe shares his perspective on why mobility companies increasingly resemble software companies and what that means for engineering, governance, and operational security.

Together, they explore:

• How connected and autonomous vehicle architectures expand the attack surface
• What cyber resilience means in day-to-day engineering and fleet operations
• How governance, threat intelligence, and software validation reduce risk
• Regulatory pressures shaping automotive security decisions
• How teams balance detection, response, and safety in autonomous systems

Whether you’re building autonomous platforms, managing connected fleets, or securing safety-critical software, this episode offers a grounded look at what it takes to keep modern mobility systems trustworthy and safe.

In this end-of-year predictions episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder & CEO Joseph M. Saunders and CTO Shane Fry to discuss what will define ICS and critical infrastructure security in 2026.

The episode explores a bold prediction: We will see a major ICS breach originating from a web application vulnerability running directly on an embedded control device. As full Linux operating systems, Node.js apps, and web servers increasingly appear inside OT equipment, long-standing IT vulnerabilities are colliding with systems that are difficult—or impossible—to patch.

Joe and Shane dig into why detection-only strategies fall short in constrained, long-lived devices, and why secure by design engineering, memory safety, and runtime protections are becoming essential. They also discuss the importance of accurate, build-time Software Bills of Materials, especially as regulations like the EU Cyber Resilience Act push manufacturers toward transparency, accountability, and provable supply-chain visibility.

Together, they cover:

• Why ICS exploitation is shifting from theoretical to operational
• How web app and RCE vulnerabilities are creeping into OT devices
• The limits of detection-only security strategies
• Why memory safety and runtime protections reduce exploitable risk
• How build-time SBOMs improve vulnerability tracking and trust

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joseph M. Saunders and special guest Sean McKeever, Global Product Cybersecurity Lead at Marelli, for a candid discussion on what it really means to secure modern vehicles. Sean brings deep industry experience to unpack how OEMs and suppliers are navigating data stewardship, autonomous testing, vehicle theft, and diverging global regulations.

Together, Paul, Joe, and Sean explore:

• What constant connectivity means for driver privacy and data stewardship
• The risks of beta-testing autonomous systems on public roads
• How car theft has shifted from physical break-ins to software exploitation
• Why U.S. and EU cybersecurity regulations take fundamentally different approaches
• The importance of collaboration across OEMs, suppliers, and regulators

From RF relay attacks to software-defined vehicles with decade-long lifecycles, this episode highlights why cybersecurity is no longer an add-on but a core design decision shaping the future of mobility.

Salim breaks down how restrictive licenses, such as GPL and AGPL, can force the disclosure of proprietary code, interrupt product shipments, or create exposure long after devices are deployed in the field. Joe shares why accurate SBOMs, automated license checks, and enforcing policy at build time are critical to preventing surprises in downstream products. The discussion also touches on the ongoing Vizio case, where the TV manufacturer faces litigation that could compel public release of source code under the GPL, highlighting how open source obligations can surface years after products hit the market.

Together, Paul, Joe, and Salim explore:

• How copyleft obligations can require source-code disclosure
• Why embedded environments complicate license compliance
• Real-world cases where unnoticed GPL dependencies caused major issues, such as Vizio’s GPL lawsuit and Cisco’s WRT54G router family
• The growing implications of AGPL for SaaS and connected services
• How build-time SBOMs and automated controls reduce long-term risk

Whether you're building connected devices, managing software supply chain compliance, or protecting proprietary IP, this episode offers practical guidance to reduce copyleft risk before it becomes a costly problem.

Joe breaks down how organizations can gain an asymmetric advantage by reducing exploitability across entire classes of vulnerabilities, especially persistent memory safety flaws that continue to expose critical systems. He shares why adding lightweight, automated protections at build time is one of the fastest ways to shift the cost curve onto attackers without forcing massive code rewrites or slowing development teams down.

Together, Paul and Joe discuss:

• Why attackers’ resource advantage requires a new defensive mindset
• The power of “patchless” protection in embedded and OT environments
• Why memory safety flaws persist and how to neutralize them at scale
• The risks of AI-generated code and how to prevent silent vulnerabilities
• How Secure by Design practices improve resilience for critical infrastructure

If you're responsible for securing embedded systems, OT assets, or long-lived devices where patch cycles are slow and risk is high, this episode offers a new mindset that gives defenders the upper hand.

Ralph shares from his decades of firsthand experience defending industrial control systems and explains why traditional CVE-focused vulnerability management falls short in OT. He breaks down the three major categories of OT vulnerabilities—design flaws, feature abuse, and configuration errors—and reveals why competent attackers often ignore CVEs entirely. Joe highlights how memory-based vulnerabilities continue to threaten critical systems and why eliminating entire vulnerability classes can create an asymmetric advantage for defenders.

Together, Ralph and Joe explore:

• Why most OT equipment remains insecure by design and why replacement will take decades
• How features, not bugs, often become the real attack vector
• The growing role of ransomware and IT-side weaknesses in OT compromises
• Practical steps OT defenders can take today to incrementally improve resilience
• The value of class-level protections, better architectures, and secure development processes

Whether you secure energy infrastructure, manufacturing systems, or mixed IT/OT networks, this episode delivers experience-driven guidance for strengthening cyber-physical resilience.

Kelly breaks down how “clean file” strategies are redefining cybersecurity by ensuring only safe, verified content enters critical systems. Joe connects these insights to operational technology (OT), where malicious code can disrupt industrial operations, safety systems, and even national infrastructure.

Together, they explore:

• How AI is changing both attack and defense in cybersecurity
• Why detection-based security is too slow—and how AI is widening the gap
• How Content Disarm and Reconstruction (CDR) strengthens federal and defense workflows
• How federal agencies can adopt file-level defenses using pilots, boundary controls, and workflow APIs
• The parallels between clean files in IT and secure binaries in OT

Whether you’re defending national assets or securing industrial systems, this episode reveals why prevention—not detection—is the smartest defense in the AI era.

Joe discusses how medical device manufacturers are aligning innovation with evolving FDA and CISA cybersecurity expectations, embedding secure-by-design principles, and redefining engineering culture to treat security as part of product quality and not just compliance.

Listeners will learn:

• Why Secure by Design is critical for building safe, resilient medical devices from the start
• How FDA guidance has pushed manufacturers to treat cybersecurity as part of product design and is reshaping compliance in healthcare
• What a Software Bill of Materials (SBOM) is and why generating it at build time gives the clearest picture of software risk
• Why openness about software components helps reduce risk, even when it feels counterintuitive
• How standardizing development practices makes devices safer, lowers costs, and leaves more room for innovation
• 
  

For those developing life-critical devices or managing medtech risk, this episode explores how building security into every stage of design and development protects patients and sustains innovation in connected care.

They discuss how AI-driven decision support, predictive analytics, and digital twins are giving defense teams faster insights and tactical advantages while maintaining trust, security, and control. The conversation looks at examples of how AI is accelerating acquisition processes, strengthening cybersecurity, and even supporting front-line logistics aboard Navy vessels.

Together, Joe and Arthur discuss:

• How generative AI accelerates decision-making and mission readiness
• The role of commercial off-the-shelf (COTS) AI in defense innovation
• Why responsible AI and human oversight remain critical
• How secure, scalable platforms are redefining operational impact

Whether you’re in defense, cybersecurity, or technology leadership, this episode sheds light on how generative AI is helping warfighters stay one step ahead.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security’s Kelli Schwalm and CEO Joseph Saunders to unpack the technical and strategic impact of the 2025 SBOM draft.

Kelli explains key additions like component hashes, generation context, and transitive dependencies, and how they improve accuracy and traceability. Joe connects the dots to the bigger picture—how richer SBOMs enable resilience, transparency, and safer disclosure practices across the software supply chain.

Together, they explore:

• Why new SBOM data fields (like hashes and license metadata) matter for risk mitigation
• The ongoing challenges of SBOMs for embedded and C/C++ systems
• How stronger visibility supports secure vulnerability disclosure and compliance
• Why SBOMs are evolving from check-box compliance to core resilience tools

Whether you manage embedded software, oversee product security, or shape compliance policy, this episode reveals how the 2025 SBOM Minimum Elements is set to reshape software assurance for years to come.

Madison shares insights from her work bridging the gap between policymakers and technologists, highlighting what “best-in-class” public-private partnerships look like and why security by design is a shared responsibility. Together, Madison and Joe unpack how AI, geopolitics, and legacy systems intersect in today’s cyber threat landscape and what it will take to build lasting resilience.

From aligning economic incentives to enabling secure-by-design innovation, this discussion underscores one essential truth: protecting critical infrastructure isn’t just a technical mission—it’s a collective one.

In this episode, you’ll learn:

• How collaboration between government and industry drives national cyber resilience
• What “best-in-class” public-private partnerships look like in practice
• The challenges of protecting legacy systems that were never built to be online
• How AI and emerging technologies are reshaping cyber defense and regulation
• Why secure-by-design principles must become a shared responsibility
• Where current policies succeed—and where leaders can push for meaningful change

Joe explains how firmware vulnerabilities in embedded and connected devices—across healthcare, automotive, energy, and defense—can be exploited at scale, and why legacy assumptions about firmware trust are no longer enough. Listeners will learn:

• Tactics adversaries use to exploit firmware vulnerabilities
• Risks inherited from third-party firmware and complex supply chains
• How “shifting security down the stack” enhances trust for all systems above it
• Practical steps CISOs, security leaders, and device manufacturers can take to harden firmware

This episode uncovers an often-overlooked attack surface, showing why securing firmware is a strategic priority for reducing risk at scale.

Joe shares real-world examples of water system breaches, programmable logic controller (PLC) exploits, and the dangers of memory-unsafe code that persists across legacy and modern systems. He explains how attackers weaponize software supply chain weaknesses and software determinism—and why preventing exploitation at build time is critical.

Topics discussed include:

• How adversaries infiltrate embedded and industrial devices
• The role of nation-state motivations, economic espionage, and insider threats
• Why memory-unsafe languages remain a root cause of critical vulnerabilities
• How Secure by Design practices and runtime protections can harden devices without disrupting operations
• What manufacturers must watch as AI-driven attack paths begin to emerge

For leaders responsible for protecting industrial systems, this episode offers a clear-eyed look at the risks and practical strategies to defend machines before they get hacked.

Dave explains why applying enterprise IT security models to mission-critical weapon systems is dangerously inadequate, how long patch cycles and software reuse create systemic vulnerabilities, and why proactive defense against unknown threats is essential. The conversation explores:

• How adversaries exploit software flaws in unpatched, mission-critical systems
• Why cultural change inside the DoD and its ecosystem is as vital as its technical defenses
• The role of Secure by Design in weapons development lifecycles
• The risks of open-source and supply chain dependencies in defense programs
• Why resilience and runtime defenses are critical to mission survivability

For defense leaders, program managers, and technologists, this episode highlights how adopting a new mindset around weapons cybersecurity is key to safeguarding national security.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin and RunSafe Security CEO and Founder Joseph M. Saunders examine Taiwan’s fragile critical infrastructure, exposed undersea cables, and dependence on imported energy—weaknesses that adversaries could exploit through cyber warfare and gray-zone tactics.

Drawing lessons from Ukraine and Israel, Joe and Paul explore:

• How Taiwan’s semiconductor “super sector” makes it a global cyber target
• Why energy and telecom resilience are linchpins of national survival
• The role of software supply chain security and memory safety in defense
• How the same cyber playbook could threaten U.S. and allied infrastructure

This sobering conversation underscores a vital truth: in the age of hybrid warfare, digital resilience is deterrence itself.

Joe explains why embedded systems and critical infrastructure demand a different approach—one that builds protections in from the start. He unpacks:

• Why patching after deployment creates dangerous gaps for attackers
• How build-time memory safety and code-hardening disrupt exploitation
• The software supply chain risks of relying on incomplete SBOMs
• Real-world examples of how build-time defenses reduce costly downtime and post-production scrambles

If you’re leading a program of record, developing embedded systems, or managing software security, this conversation reveals why “Secure by Design” is the only way forward.

Joe shares insights into:

• Why 65% of drivers believe remote hacking is possible
• Why 79% prioritize physical safety over personal data privacy
• How 87% say strong cybersecurity would influence their buying decision
• The role of over-the-air updates and what consumers fear most about them
• How trust in cybersecurity could shape brand loyalty alongside performance and fuel economy

Tune in to learn why cybersecurity is quickly becoming the next must-have feature for connected vehicles.

Ron explains why this remote code execution flaw is more dangerous than most, how attackers exploit unauthenticated access to steal contracts, customer records, and intellectual property, and why patching alone won’t keep systems safe. Joe underscores the downstream risks for operational technology (OT), where attackers can pivot from IT breaches to disrupt industrial environments.

You’ll learn:

• Why SharePoint servers are a high-value target for attackers
• The real risk when IT breaches spill into OT environments
• Why compliance isn’t enough without true customer data protection
• Three  steps for security leaders to gain an organization-wide view of cyber security

This episode is a wake-up call for integrated, resilient cybersecurity that safeguards both corporate data and critical operations.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin speaks with Joe Saunders, CEO and Founder of RunSafe Security, about the complex risks inside today’s highly connected industrial environments.

Joe shares insights into:

• Why the Purdue security model falls short in the cloud and IoT era
• How attackers gain value from even “read-only” factory access
• The role of standards like IEC 62443 in raising security posture
• Why software quality and Secure by Design practices matter as much as compliance
• Extending the life of legacy systems with memory safety protections

From factory floor sensors to enterprise IT systems, this conversation unpacks what manufacturers, suppliers, and operators can do to stay one step ahead of motivated adversaries.

From breaking into an autonomous narco sub and a real-world port crane to candid discussions about legacy system vulnerabilities, the conversation dives into the most surprising takeaways from Las Vegas—and why they matter for national security.

You’ll hear:

• What DEF CON revealed about ICS and OT risks
• How maritime pros are rethinking security priorities
• Why legacy code and memory safety remain urgent challenges
• The role public hacking events play in strengthening critical infrastructure defenses

Whether you were there in person or following from afar, this insider debrief delivers lessons every security leader can act on now.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by Joe Saunders, CEO of RunSafe Security, for a deep dive into the balancing act of rapid software development and strict regulatory demands in the defense sector.

Joe shares first-hand insights into:

• The risks of layered supplier networks and open-source dependencies
• How automated Secure by Design solutions support both resilience and speed
• The vital role of transparency and full Software Bills of Materials (SBOMs)
• Why deterministic behavior is key in real-time, safety-critical systems
• How DevSecOps and CI/CD pipelines can streamline compliance and security

Whether you're leading a program of record, managing cyber risk, or modernizing embedded systems, this conversation equips you with actionable strategies to futureproof your software while meeting mission timelines.

Gabriel shares eye-opening research into telematics vulnerabilities that could allow attackers to remotely control vehicles—underscoring the critical need for proactive defense. Joe explains why hardening systems at build time and securing complex supply chains are essential steps toward resilience.

Together, Joe and Gabriel explore:

• The consequences of insecure MQTT configurations in fleet vehicles
• The evolving role of memory safety in embedded system defense
• The importance of security-by-design in the automotive SDLC
• The value of third-party researcher collaboration in vulnerability discovery

Whether you build ECUs, design infotainment systems, or oversee cyber risk across a fleet, this episode reveals how collaboration between researchers, OEMs, and security experts is driving a safer future for connected vehicles.

Joe explains how groups like CyberAv3ngers—linked to the IRGC—are exploiting weak security in industrial control systems (ICS) and operational technology (OT). Their tactics aren’t always sophisticated, but they are effective: default passwords, outdated software, and internet-exposed devices are all they need to lock operators out and take control.

This urgent conversation explores:

• What we know about recent cyber campaigns targeting PLCs and HMIs
• How poorly secured infrastructure becomes a launchpad for nation-state actors
• What disruptions mean for national security and public health
• What municipalities, vendors, and regulators can do today to improve defenses

Whether you’re a system operator, vendor, or policymaker, this episode will leave you with a clearer picture of the risks—and what’s at stake.

RunSafe Security CEO Joe Saunders and special guest Duncan Woodbury—CEO of Liberas and Executive Director of the Maritime Hacking Village at DEF CON—join host Paul Ducklin for a candid conversation about securing the floating infrastructure that powers global trade and national defense.

As ships evolve into cloud-connected data centers and autonomous vessels redefine modern naval operations, the cyber stakes couldn’t be higher. From GPS spoofing and AIS jamming to real-world crane system takeovers and confiscated narco-subs, Duncan shares what hackers—and defenders—will encounter at this year’s Maritime Hacking Village at DEF CON 33.

Together, Joe and Duncan explore:

• Why maritime infrastructure is the “last dinosaur” of digital transformation
• The risks of legacy software in mission-critical systems
• How offensive security is driving rapid discovery and remediation
• Why hiding vulnerabilities only benefits your adversaries

Whether you're building autonomous surface vessels, managing port logistics, or leading security strategy for a defense program, this episode offers an inside look at how to navigate maritime cybersecurity before attackers set the course.

From philosophical strategies like “Premeditation of Evils” to inversion thinking and paradoxical reasoning, Leslie shares how blending creativity with technical precision can help organizations better anticipate and prepare for evolving cyber threats. Joe and Leslie also explore the double-edged nature of generative AI—how it can serve both attackers and defenders—and why companies must embrace human-centered frameworks alongside technical tools.

Together, they examine the risks of expert bias, the pitfalls of over-automating with AI, and how to design cybersecurity strategies that prioritize adaptability, foresight, and Secure by Design principles.

Topics covered:

• The role of creative thinking in modern cybersecurity
• Inversion thinking as a planning tool for resilience
• How attackers—and defenders—are using generative AI
• Why AI can’t replace human judgment in risk strategy
• The critical need for Secure by Design software development

Whether you’re building products, leading a team, or defining security policies, this episode offers a fresh, actionable perspective on how to stay ahead of both known and unknown threats.

As embedded systems grow more complex, attackers are moving faster, exploiting flaws before most organizations even know they exist. Patrick shares research on how frequently vulnerabilities are weaponized prior to disclosure and what that means for defenders across critical infrastructure, OT environments, and embedded technologies.

Together, the group explores how hidden software dependencies, insufficient supply chain visibility, and outdated components create long-term blind spots for security teams. They also discuss actionable strategies, from Software Bills of Materials (SBOMs) to proactive disclosure, that help organizations build more resilient systems.

Topics covered:

• Why exploitation often occurs before vulnerabilities are publicly disclosed
• The hidden risks in embedded systems and opaque supply chains
• How SBOMs and build-time visibility can help mitigate inherited risk
• The importance of security maturity in long-lifecycle product environments
• What organizations can do today to reduce risk and increase resilience

Whether you're in cybersecurity, product development, or managing legacy infrastructure, this episode will reshape how you think about vulnerability intelligence and embedded system security.

From real-world consequences like forced patient transfers and increased downtime, to the rising willingness of healthcare organizations to pay premiums for secure devices, this conversation reveals how cybersecurity is reshaping healthcare operations and procurement strategies. Joe explains why securing medical devices requires a fundamentally different approach than traditional IT, the growing intersection of IT and operational technology (OT) risks, and why regulatory standards are more critical than ever for patient safety.

Topics covered:

• Real impacts of cyberattacks on medical devices and patient care
• Why 46% of healthcare organizations have declined to buy devices lacking strong security
• The unique challenges of securing medical devices versus traditional IT systems
• The convergence of IT and OT security risks in healthcare environments
• The rising importance of Software Bills of Materials (SBOMs) in medical device procurement
• Advice for device manufacturers adapting to a security-first healthcare market

If you’re involved in healthcare, medical device manufacturing, or cybersecurity, this episode offers vital insights into the new front lines of protecting patient care in a connected world.

As navies deploy autonomous vehicles on—and below—the water’s surface, this conversation explores the overlooked cybersecurity risks that threaten their resilience and effectiveness. Sparky shares Ocean Aero’s vision for solar- and wind-powered autonomous vessels capable of weeks-long missions while Joe breaks down the need for embedded security to ensure these systems can operate safely in contested environments.

Topics covered:

• How autonomous maritime vehicles reshape modern defense strategy
• Interoperability challenges and the need for Secure by Design systems
• Why nations like South Korea are shifting from traditional assets to autonomous fleets
• Risks posed by supply chain vulnerabilities and insecure software components

Whether you're in defense, critical infrastructure, or cybersecurity, this is a must-listen discussion on protecting mission-critical systems in an increasingly connected battlespace.

Guests Phil Englert, VP of Medical Device Security at Health-ISAC, and Joe Saunders, CEO of RunSafe Security, bring decades of experience to a candid discussion on what practical, compliance-ready security looks like when device updates or patches aren’t an option.

They explore how to protect long-life medical devices with limited support, how to interpret and align with evolving FDA premarket and postmarket guidance, and how tools like SBOMs are reshaping transparency and accountability in the healthcare ecosystem. The conversation emphasizes the shared responsibility between manufacturers and providers to prioritize both cybersecurity and patient safety.

In this episode:

• What “security without code changes” really means in healthcare
• Why legacy medical devices are difficult to secure—and what still can be done
• The importance of SBOMs for transparency and visibility
• How evolving FDA expectations are influencing both manufacturers and providers
• Why cybersecurity and patient safety must now go hand in hand

If you're navigating regulatory demands or simply trying to protect vulnerable medical systems, this episode offers grounded insights and real-world strategies.

As connected cars grow more complex—with over 100 million lines of code and dozens of software components—they also become more vulnerable. Joe joins host Paul Ducklin to unpack how Secure by Design principles can help OEMs and suppliers address these risks before they hit the road.

We dive into why memory safety is foundational for protecting embedded systems like ECUs and infotainment units, and how the CAN bus and real-time operating systems factor into broader security decisions. Joe also explains how industry frameworks like ISO 26262 and ASIL (Automotive Safety Integrity Level) classifications help automotive teams align cybersecurity with functional safety goals.

If you're working on embedded systems, vehicle software, or supply chain security in the automotive world, this episode breaks down what it really takes to build safe, secure, and resilient vehicles—right from the start.

In this episode:

• Why vehicles have become such attractive cyber targets—and how criminals are exploiting remote attack vectors
• What “Secure by Design” really means for ECUs, infotainment systems, and embedded firmware
• How to manage software risk across global, multi-tier automotive supply chains
• Why memory safety is key to preventing attacks before they happen
• How ASIL safety levels guide critical system design and compliance
• The role of SBOMs, OTA updates, and RTOS security in future-proofing connected cars
• What a “shift left” approach actually looks like for automotive cybersecurity teams

If you’re building or securing the next generation of connected vehicles, this episode delivers critical insights on embedding cybersecurity into the foundation—not the finish line—of automotive innovation.

Joining the conversation are Steve Barriault, VP of Sales & Solutions Engineering North America, Japan and Korea at TrustInSoft, and Joe Saunders, Founder and CEO of RunSafe Security. Together, they bring two distinct but complementary strategies to the table: code-level certainty and runtime protection.

Steve outlines how formal methods and mathematical analysis—long used in safety-critical sectors like avionics—can reduce exploitable bugs to near-zero before code ever ships. Joe shares how runtime defenses like memory layout randomization offer critical safeguards for systems that can’t be patched, such as those in legacy infrastructure.

We explore the growing complexity of the software supply chain, why embedded devices pose a uniquely difficult challenge, and how new regulations are forcing companies to think differently about software assurance and liability.

In this episode:

• Why zero days remain so hard to prevent and detect
• How formal verification can help eliminate vulnerabilities
• What makes embedded systems especially vulnerable to zero-day exploitation
• When patching isn’t possible, what protection strategies still work
• How upcoming regulations like the EU Cyber Resilience Act are changing the game
• What a multi-layered defense actually looks like in practice

Whether you're a CISO, security engineer, or software leader, this episode offers a frank look at what it really takes to stay ahead of invisible threats.

As industrial systems become more automated and interconnected, embedded devices—once isolated—have become prime targets for attackers. Joe explains why embedded risk differs fundamentally from traditional IT threats, and why legacy systems, unmanaged endpoints, and obscure firmware pose some of the biggest risks to operational technology today.

We explore what makes embedded vulnerabilities so hard to find and fix, how real-time operating systems factor into security decisions, and why patching isn’t always an option in industrial settings. Joe also shares how Secure by Design, SBOMs, and exploit prevention strategies can help CISOs break free from the endless patch cycle and proactively reduce risk.

In this episode:

• What “embedded risk” really means for industrial environments
• Why legacy devices are so difficult—and dangerous—to secure
• How to rethink security when patching isn’t possible
• The real role of SBOMs in managing software supply chain risk
• Why real-time operating systems demand a different security mindset
• What every CISO should prioritize to protect safety and uptime

If you’re responsible for securing factory floors, OT networks, or embedded systems—this is a must-listen conversation.

Joe takes a hard look at the current state of operational technology security, exposing why legacy systems running our power grids, water plants, and factories remain dangerously vulnerable. He also unpacks the NSA’s April 2025 guidance on Smart Controller Security and what it signals for the future of critical infrastructure protection.

We discuss the real risks behind outdated architectures, the shortcomings of so-called “security solutions,” and why Secure by Design must replace “patch and pray.” With a focus on practical defense strategies—not buzzwords—Joe shares what CISOs can do right now, even on limited budgets, to mitigate OT risk.

In this episode:

• Why OT environments are still so vulnerable
• The impact of new NSA guidance on Smart Controller Security
• What “Secure by Design” actually looks like in OT systems
• How to cut through “security theater” and address real risks
• What every mid-sized industrial org should prioritize today
• Whether a wake-up call OT event is looming—or already here

If you're responsible for securing critical infrastructure—or simply rely on it—this is a conversation you can’t afford to miss.

With enforcement on the horizon in 2026, Joe breaks down what the CRA means for manufacturers, developers, and supply chain partners today. From the critical role of Software Bill of Materials (SBOMs) to the shifting landscape of liability, we explore how the CRA is raising the bar for Secure by Design software.

Joe also shares how leading organizations are preparing now and why cyber insurance may play a bigger role in the CRA era, even when best practices are followed.

In this episode:

• What the CRA covers and who it affects
• Why SBOMs are central to compliance and trust
• How the law shifts liability for software flaws
• Real-world prep strategies from industry leaders
• The role of cyber insurance in a post-CRA world

If your business touches software, this is one regulation you can’t afford to ignore.

Joe shares why RunSafe signed CISA’s Secure by Design pledge and the bold steps the company is taking to meet its goals, including a transition from C++ to Rust to eliminate entire classes of memory safety vulnerabilities. He also explains how organizations can implement Secure by Design principles—without overhauling their entire codebase—using techniques like runtime exploit prevention.

In this episode:

• Why “Secure by Design” is the future of software development
• What the CISA pledge means—and why RunSafe joined it
• How transitioning to Rust addresses deep-rooted memory safety issues
• Practical ways to harden existing systems without starting from scratch
• How Secure by Design supports national security and critical infrastructure protection

Joe explains how Salt Typhoon represents China’s long-term strategic approach to cyber espionage—playing the long game with well-funded teams operating globally. The discussion explores how attackers exploited vulnerabilities in Cisco routers to create their own backdoor access, compromising hundreds of thousands of devices simultaneously.

In this episode:

• How Salt Typhoon cleverly subverted “lawful intercept” infrastructure designed for legitimate government surveillance, turning it against its creators
• Why fileless malware like the “Demodex” rootkit makes detection nearly impossible by operating only in memory
• The surprising connection between video game cheating software and nation-state hacking tools
• Why metadata collection is a powerful intelligence tool, revealing critical patterns even without accessing conversation content
• Practical approaches to defense-in-depth security and the importance of memory safety in preventing these sophisticated attacks
• The need for systematic approaches to security rather than just patching individual vulnerabilities after discovery

Joe breaks it all down, explaining the big-picture geopolitical motivations behind these attacks. You’ll also learn how attackers use memory-based vulnerabilities to quietly gain long-term access to critical systems without leaving obvious clues.

In this episode:

• How Volt Typhoon is targeting critical infrastructure in sectors like transportation, communications, and financial services to create potential footholds for future conflicts
• Why memory-based vulnerabilities are a major risk, enabling attacks that are hard to detect and trace
• Practical ways to secure systems—like rewriting code in memory-safe languages or using advanced memory protection techniques like load-time function randomization
• How Secure by Design and Secure by Demand initiatives can drive adoption of practices to improve cybersecurity in critical infrastructure