OT Security/business resilience, lack of incentives for securing software & the news – Ben Worthy – ESW #448
Interview - Ben Worthy from Airbus Protect
The current state of OT security and business resilience
In this episode of Enterprise Security Weekly, we sit down with Ben Worthy, OT Security Specialist at Airbus Protect, to explore the evolving landscape of business resilience in safety-critical sectors. With over 25 years of experience across aerospace, nuclear, water, oil & gas, and other industries, Ben shares insights on how organizations are adapting to the surge in disruptive cyberattacks—from ransomware targeting operational technology to GPS spoofing and supply chain incidents. We discuss major cases including the Boeing/LockBit ransom demand, the Jaguar Land Rover production shutdown, and the SITA passenger data breach, examining how aviation and other critical infrastructure sectors are separating safety risk from business continuity risk.
Ben also breaks down the regulatory changes reshaping the industry, including EASA's October 2025 and February 2026 deadlines that tie cyber assurance directly to safety oversight, and what ENISA's latest numbers reveal about hacktivism and ransomware trends. Whether you're in aviation, nuclear, or any safety-critical sector, this conversation offers practical lessons on building resilience that keeps operations moving while addressing threats in real time.
This segment is sponsored by Airbus Protect. Visit https://securityweekly.com/airbusprotect to learn more about them!
Topic: Where are the business incentives to build secure products and software?
"It's the right thing to do," so of course businesses will make their products secure, right? Well, it turns out that breaches and vulnerabilities don't traditionally hurt financial performance all that much. Stocks recover, insurance covers the bulks of the losses, fines are paid, and lawsuits are settled. Most businesses can comfortably absorb the impact, so the threat of reputational harm or financial losses just aren't slowing them down.
In the case of Ivanti, where the reputational harm was extreme, the company's companies continue to get hacked as critical vulnerabilities keep getting discovered in their products.
In this topic segment, we don't aim to provide solutions to this problem, just the awareness that ethics, doing the right thing, and even signing the Secure by Design pledge don't seem to be enough to change vendor behavior when it comes to securing products.
The Weekly Enterprise Security News
Finally, in the enterprise security news,
- RSA Innovation Sandbox hot takes
- Did AI solve cyber?
- fundings and acquisitions
- a free app to warn you about smart glasses
- deep thoughts about OpenClaw
- replacing US tech with EU equivalents is hard
- should you turn off dependabot?
- accidentally taking over 7000 robot vacuums
- the director of AI Safety at Meta loses her email somehow
- should you go back to using a blackberry?
All that and more, on this episode of Enterprise Security Weekly.
Ben Worthy is an OT security professional with over 25 years’ experience in designing, configuring and securing Industrial Control & Safety Systems and SCADA systems
Ben is the OT Security Technical Leader for Airbus Protect. He has wide OT experience across many domains including Aerospace, Civil Nuclear, Water, Oil & Gas (upstream & downstream), chemical & pharmaceuticals.
Ben has experience in leading activities across most areas of OT security including in OT Risk Assessment, OT infrastructure design, OT Network Management and Security Strategy development.
He is also an active member of the ICS Cyber Security community including contributions to the UK NCSC ICS Community of Interest and speaking at industry workshops & conferences.
Security Weekly listeners save $100 on their RSAC 2026 All Access Pass! RSAC 2026 Conference will take place March 23rd to March 26th in San Francisco. To register using our discount code, please visit securityweekly.com/rsac26 and use the code 56U5SECWEEKLY! We hope to see you there!
Most security conferences talk about threats. Zero Trust World lets you attack them. From March 4th to 6th, 2026 in Orlando, Florida, this hands-on cybersecurity event features live hacking labs where you’ll break real environments, think like an adversary, and learn how attacks really work. You’ll also get expert sessions, real-world case studies, CPE credits, and networking with top practitioners. And yes — the Security Weekly team will be there too. Don’t miss it! Register today at securityweekly.com/ZTW.
Adrian Sanabria
- FUNDING/M&A courtesy of the Security, Funded newsletter, issue #232 – Paper Hand Tourist Investors
INTRO
The reason public cyber companies were “securitymogged” last week is that Anthropic launched Claude Code Security, a new set of capabilities that “scans codebases for security vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix security issues that traditional methods often miss.”
As a result, public markets freaked out, declared cyber as a “solved problem,” panic sold, and wiped out about $15 billion in market cap from the top public cyber companies.
VIBE CHECK
EXTRA SPICY EDITION
RSA Innovation Sandbox now requires $5M seed for all finalists. This is:
60% - Creates perverse incentives 20% - Good marketing, questionable ROI 10% - Game-changing for early-stage cyber 10% - Doesn't matter, only execution does 0% - Helps level the playing field
"This is now less an industry event about actually rewarding the more interesting and innovative companies, and more about creating deal flow for the VC in question. Also, try to put yourself in the place of a startup disrupting a particular segment - what if Crosspoint Capital is already invested in your main competitor? Essentially this means once they pick a winner in one category, it makes it very unlikely other players in that category will apply in the future. Eventually, the event runs out of categories and becomes irrelevant. Horrible, horrible decision.”
FUNDING
- Cogent Security, a United States-based AI-agent-enabled threat and vulnerability management platform, raised a $42.0M Series A from Bain Capital Ventures.
- Venice, a United States-based privileged access management and just-in-time identity security platform, raised a $25.0M Series A from IVP.
- VulnCheck, a United States-based threat intelligence platform for exploits, vulnerabilities, and initial access brokers, raised a $25.0M Series B from Sorenson Capital.
- BlueFlag Security, a United States-based software security and governance platform, raised a $7.5M Venture Round. SEC Filing
ACQUISITIONS
- Koi, an Israel-based endpoint protection platform focusing on unmanaged and self-installed software like packages, containers, extensions, and local AI models, was acquired by Palo Alto Networks for an undisclosed amount. Koi had previously raised $48.0M in funding.
- FREE TOOLS: This App Warns You if Someone Is Wearing Smart Glasses Nearby
It isn't perfect, but it's something, and it's interesting that people feel strongly enough about smart glasses that a tool like this exists.
- FREE TOOLS: CORSAIR — Open Compliance Trust Exchange Protocol
Not sure how I feel about this. There's a lot of scaffolding designed to make compliance outputs as trustworthy as a website's certificate, but it seems to require inherent trust of the output in the first place. Without a foundation for that trust.
The stuff he's built isn't bad, it's the base assumption I'm confused by. Am I missing something?
- ESSAYS: the problem isn’t OpenClaw. it’s the architecture.
- ESSAYS: “Made in EU” – it was harder than I thought.
- ESSAYS: Things Are Getting Wild: Re-Tool Everything for Speed
- ESSAYS: Turn Dependabot Off
Some massive disclaimers here. The main one is, "if you do everything in GO"
- ESSAYS: Humans Will Give AI Anything If You Make It Sound Cool Enough
- ESSAYS: The foundation problem: How a lack of accountability is destroying cybersecurity
- ESSAYS: Carelessness versus craftsmanship in cryptography
An excellent reminder, as many orgs are doing post-quantum encryption migrations, that there are right and wrong ways to implement cryptography in your code/product.
- VULNERABILITIES: Hiding an Ear in Plain Sight: On the Practicality and Implications of Acoustic Eavesdropping with Telecom Fiber Optic Cables – NDSS Symposium
More akin to a side channel attack, you should probably worry more about your Ring cameras and the microphones in all your Smart TVs before you worry about sympathetic resonance in your FTTH CPE device.
- DUMPSTER FIRES: Meta Director of AI Safety Allows AI Agent to Accidentally Delete Her Inbox
Bless her for sharing her experience, so that perhaps others can avoid having ALL THEIR EMAIL DELETED
For screenshots: https://www.threads.com/@firerock31/post/DVHGBX2Epgq
- SQUIRREL: I Revived an Old BlackBerry to Cut Down on Screen Time. Things Went Awry.
Sean Metcalf
- VULNERABILITIES: GitHub Issues Abused in Copilot Attack Leading to Repository Takeover
YAPI (Yet Another Prompt Injection)
- VULNERABILITIES: Man accidentally gains control of 7,000 robot vacuums
AND WE CROWNED HIM VACUUM LORD
