Critical Assets Podcast

by Patrick Miller

The Critical Assets Podcast covers important OT and ICS security topics with an eye toward standards and regulation to keep you ahead of your adversaries... and your auditors. Ampyx Cyber. Securing your world. See our other content such as blogs, cybersecurity news and more at www.ampyxcyber.com

Insights from recent episode analysis

Audience Interest

Estimated Reach: 13K to 40K

Listeners across platforms

Podcast Focus

Categories: technology · news

Publishing Consistency

Frequency: ~Weekly

11 episodes since 2023

Platform Reach

Insights are generated by CastFox AI using publicly available data, episode content, and proprietary models.

Most discussed topics

cybersecurity

critical infrastructure

operational technology

vulnerability management

incident response

regulatory developments

Brands & references

Joy Ditto Consulting2

CISA2

NERC2

Ampere Industrial Security2

INPOWERD1

Anthropic1

Mythos1

Glasswing1

Generic platforms filtered out.

Medium Confidence

Total monthly reach

13K to 40K

Estimated from 2 chart positions in 2 markets.

By chart position

🇳🇴
NO · Technology
#33
10K to 30K
🇵🇱
PL · Technology
#68
3K to 10K

Per-Episode Audience
Est. listeners per new episode within ~30 days
6.5K to 20K
🎙 Weekly cadence·11 episodes·Last published 1mo ago
Monthly Reach
Unique listeners across all episodes (30 days)
13K to 40K
🇳🇴75%🇵🇱25%
Active Followers
Loyal subscribers who consistently listen
3.9K to 12K

Market Insights

This ShowCategory Avg

No category insights available.

📡

Platform Distribution

Reach across major podcast platforms, updated hourly

Total Followers

—

Total Plays

—

Total Reviews

—

YouTube

Subscribers

—

Views

—

Videos

—

Castbox

Followers

—

Plays

—

Reviews

—

Podcast App

Followers

—

Plays

—

Reviews

—

Podcast Republic

Followers

—

Plays

—

Reviews

—

TuneIn

Followers

—

Plays

—

Reviews

—

* Data sourced directly from platform APIs and aggregated hourly across all major podcast directories.

On the show

From 10 eps

Hosts

Patrick Miller

10 eps

Earl Shockley

1 ep

Joy Ditto

1 ep

Recent guests

11 across last 10 eps

Joy Ditto

1 ep

Earl Shockley

1 ep

Kylie McClanahan

1 ep

Darren Highfill

1 ep

Lesley Carhart

1 ep

Cynthia Hsu

1 ep

Erin Owens

1 ep

Ginger Wright

1 ep

Danielle Jablanski

1 ep

Amanda Freick

1 ep

Gabe Agboruche

1 ep

Recent episodes

Policy Pulse: Regulatory Roundtable - Cyber Strategy, Large Loads, AI & CISA in Flux

May 11, 2026

1h 00m 18s

Policy Pulse: Regulatory Roundtable - NERC CIP, Cybersecurity Strategy, AI & Electric Sector

Feb 1, 2026

1h 02m 05s

Vulnerability Overload: Making Prioritization Work in the Real World

Jul 20, 2025

35m 36s

From CISO to Startup: OT Security, Leadership, and Lessons from the Field

Apr 13, 2025

44m 04s

Critical Conversations: IR, Forensics, and Regulation in OT

Jan 4, 2025

44m 32s

🔗

Social Links & Contact

Official channels & resources

🌐

Official Website

📡

RSS Feed

Episodes

every 108 days

Avg length

49m 12s

32m 32s – 1h 08m 23s

Range

Feb 2023 – Feb 2026

Topics

cybersecurity, critical infrastructure +51

Guests

Joy Ditto +10 · last 10 eps

12 of 12

Date	Episode	Topics	Guests	Brands	Places	Keywords	Sponsor	Length
5/11/26	Policy Pulse: Regulatory Roundtable - Cyber Strategy, Large Loads, AI & CISA in Flux✨	cybersecuritycritical infrastructure policy+5	Joy DittoEarl Shockley	MythosGlasswing+5	China	cyber strategylarge loads+6	—	1h 00m 18s
2/1/26	Policy Pulse: Regulatory Roundtable - NERC CIP, Cybersecurity Strategy, AI & Electric Sector✨	regulatory developmentscybersecurity+4	—	Ampyx CyberInpowerd+4	—	NERC CIPcybersecurity strategy+5	—	1h 02m 05s
7/20/25	Vulnerability Overload: Making Prioritization Work in the Real World✨	vulnerability managementpatching challenges+5	Kylie McClanahan	CVSSCSAF+4	—	vulnerability managementpatching+7	—	35m 36s
4/13/25	From CISO to Startup: OT Security, Leadership, and Lessons from the Field✨	cybersecurityleadership+4	Darren Highfill	Norfolk SouthernNIST+1	—	CISOcybersecurity program+5	—	44m 04s
1/4/25	Critical Conversations: IR, Forensics, and Regulation in OT✨	incident responseforensics+5	Lesley Carhart	OT/ICScybersecurity+1	—	incident responseforensics+5	—	44m 32s
3/3/24	Energizing Cybersecurity Careers: Workforce Development in OT/ICS✨	cybersecurityworkforce development+5	Cynthia HsuErin Owens	DOE CESEREventleaf+1	—	cybersecurity careersOT security+5	—	1h 08m 23s
11/9/23	CIE: Architecting Infrastructure Immunity✨	CybersecurityEngineering+3	Ginger Wright	Idaho National LaboratoryCyber Informed Engineering	—	Cyber Informed Engineeringcybersecurity+4	—	53m 39s
9/5/23	One Rule to Rule Them All✨	cybersecurity regulationthreat hunting+4	Danielle Jablanski	Ampere Industrial SecurityNozomi Networks+2	—	cybersecurityregulation+5	—	59m 18s
6/26/23	Ghost in the Machine: a Future Look at AI and OT✨	AIOT+5	Amanda Freick	Ampere Industrial SecurityAltruistic+1	—	AImachine learning+6	—	43m 54s
5/11/23	Breaking into the OT Cybersecurity Field✨	OT CybersecurityICS Security+4	Gabe Agboruche	SANS ICSCompTIA+5	—	OT CybersecurityICS Security+6	—	42m 26s
Want analysis for the episodes below?Free for Pro Submit a request, we'll have your selected episodes analyzed within an hour. Free, at no cost to you, for Pro users.
3/9/23	Simplifying ICS Security Metrics	Getting started with ICS and OT security metrics can be hard. What do you measure? How do you represent it? Do you even have the data? In this podcast, we talk with Erin Torruella to share her experience from building and managing metrics for multiple different sectors. She provides great advice on where to start and how to get the effort going in the right direction.ChatGPT response was…Operational Technology (OT) and Industrial Control Systems (ICS) are crucial components of critical infrastructure, and their security is essential for ensuring the safety, reliability, and availability of essential services. To measure the success or failure of an OT/ICS security program, several metrics can be considered, such as:1. Vulnerability Management Metrics: This metric measures the number of vulnerabilities identified, the number of vulnerabilities remediated, and the time it takes to remediate the vulnerabilities.2. Incident Response Metrics: This metric measures the effectiveness of the incident response process. It includes the time it takes to detect, contain, and resolve an incident, as well as the number and severity of incidents.3. Compliance Metrics: This metric measures compliance with relevant security standards, regulations, and policies. It includes the number of audits conducted, the number of non-compliances identified, and the time it takes to remediate non-compliances.4. Risk Management Metrics: This metric measures the effectiveness of the risk management program. It includes the number and severity of risks identified, the number of risks mitigated, and the time it takes to mitigate the risks.5. Awareness Metrics: This metric measures the effectiveness of the security awareness program. It includes the number of training sessions conducted, the number of employees trained, and the level of understanding demonstrated by employees.6. Asset Management Metrics: This metric measures the effectiveness of the asset management program. It includes the number and types of assets identified, the level of asset classification, and the accuracy of the asset inventory.7. Performance Metrics: This metric measures the performance of the OT/ICS infrastructure. It includes uptime, availability, and response time.Thanks for listening!Show links:Erin Torruella...LinkedIn - https://www.linkedin.com/in/erin-torruella/Twitter - https://twitter.com/LadySqrrlMastodon - https://infosec.exchange/@ladysqrrlJD Christopher SANS talk on ICS Security Metrics - https://www.youtube.com/watch?v=gIsLP_Dtv7MJD Christopher SANS blog post on ICS Security Metrics -https://www.sans.org/blog/mature-ics-security-with-metrics/S.M.A.R.T. Methodology - https://en.wikipedia.org/wiki/SMART_criteriaDHS CISA Cross-Sector Cyber Performance Goals - https://www.cisa.gov/cross-sector-cybersecurity-performance-goals						43m 39s
2/8/23	What to do about FERC's new INSM Order 887	FERC has issued Order 887, directing NERC to create new Critical Infrastructure Protection (CIP) cybersecurity standards for Internal Network Monitoring Systems (INSM). In this episode, Patrick Miller, CEO of Ampere Industrial Security talks with Carter Manucy, IT/OT Cybersecurity Director for Florida Municipal Power Authority (FMPA). Hear from a real electric utility asset owner, on what this Order means for the industry and what you should do next.Show links:Carter Manucy LinkedIn Profile - https://www.linkedin.com/in/cmanucy/FERC Order 887 - https://www.ferc.gov/media/e-1-rm22-3-000FERC INSM NOPR - https://www.federalregister.gov/documents/2022/01/27/2022-01537/internal-network-security-monitoring-for-high-and-medium-impact-bulk-electric-system-cyber-systemsNational Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems - https://www.amperesec.com/blog/industry-brief-national-security-memorandum-on-improving-cybersecurity-for-critical-infrastructure-control-systemsNERC INSM Practice Guide - https://www.nerc.com/pa/comp/guidance/CMEPPracticeGuidesDL/CMEP%20Practice%20Guide%20-%20Network%20Monitoring%20Sensors.pdfCorresponding Ampere Blog post - https://www.amperesec.com/blog/what-to-do-about-fercs-new-insm-order-887						32m 32s