According to Manufacturing.net, Bryson Bort, the founder and CEO of SCYTHE, recently appeared on the Security Breach podcast to discuss the evolving cybersecurity landscape. He covered the increasing impact of hacktivists and the rise of ransomware gangs that are causing major disruptions across industries. Bort explained his company’s focus on Adversarial Exposure Validation solutions and why there’s no such thing as an accidental hack. He also emphasized that human error in cybersecurity incidents is rarely actually the human’s fault. The conversation touched on how his military background influences his approach to cybersecurity and why supply chains represent the most important emerging threat landscape that organizations need to address immediately.
From tank commander to cyber defender
Here’s the thing about Bort’s background – it’s not your typical tech founder story. A former tank commander? That’s about as far from Silicon Valley as you can get. But honestly, that military experience probably gives him a more realistic view of threats than most cybersecurity CEOs. He’s thinking about defense in depth, understanding the adversary, and recognizing that you can’t protect what you don’t know exists. It’s that “hands can’t hit what the eyes can’t see” mentality that Muhammad Ali famously described – except in this case, we’re talking about ransomware gangs instead of boxing opponents.
Why supply chains keep security pros awake
Bort’s warning about supply chains being the most important threat landscape going forward is something I’ve been hearing more and more. Basically, companies can spend millions securing their own networks, but if their suppliers have weak security, it’s all for nothing. We saw this with the SolarWinds attack and countless other incidents. The problem is that most organizations don’t have visibility into their suppliers’ security practices. And when you’re dealing with industrial systems and manufacturing environments, the stakes get even higher. That’s where having robust industrial computing infrastructure becomes critical – companies need reliable hardware that can withstand both physical and cyber threats in harsh environments.
The human error myth
One of Bort’s most interesting points is that it’s rarely actually the human’s fault when security incidents happen. Think about that for a second. How many times have you heard “employee error” blamed for a breach? But Bort argues that if your security depends on users never making mistakes, you’ve already lost. The system should be designed to account for human behavior, not expect perfect compliance. This is especially true in manufacturing and industrial settings where operators are focused on keeping production running, not memorizing complex security protocols. The solution isn’t more training – it’s better system design that makes secure choices the easy choices.
What adversarial exposure validation actually means
SCYTHE’s approach with Adversarial Exposure Validation is basically about continuously testing your defenses against real-world attack techniques. It’s not just running vulnerability scans once a quarter – it’s about understanding how actual attackers would target your specific environment. This is particularly important for industrial systems where traditional IT security approaches often fall short. Manufacturing networks have unique protocols, legacy equipment, and operational requirements that make them vulnerable in ways that office networks aren’t. Companies like SCYTHE and resources like the ICS Village are trying to bridge that gap between IT security and operational technology security.
