David G2
I am a NCSC Senior Cyber Physical Security Architect with experience supporting major CNI projects across multiple sectors including electricity, water and gas. I have also led the production of several Operational Technology (OT) focused pieces of NCSC guidance including Privileged Access Workstations (PAWs), Creating and maintaining a definitive view of your operational technology (OT) architecture, Secure connectivity principles for operational technology (OT) and Cloud-hosted supervisory control and data acquisition (SCADA).
Session
The threats facing Operational Technology our outpacing the delivery of secure solutions in our critical infrastructure. Organisations deploying OT must now accept that connectivity is no longer an edge-case, and the “walled garden” model no longer reflects the way our industrial environments operate. To accelerate transformation and meet the threat we must challenge some of these beliefs to build critical infrastructure suitable for a modern threat environment.
In this talk, David G2 a NCSC Cyber Physical Security Architect will introduce explain the context behind three new pieces of NCSC guidance - Creating and Maintaining a Definitive View of Your OT Architecture, Secure Connectivity Principles for OT, and PAWs for OT. Articulating how these documents fit together to support a realistic, defensible security posture for modern industrial environments.
Do not fear this won’t be a guidance recital.
This talk aims to challenge some long‑held beliefs, exploring why the traditional prioritisation of Availability, Integrity and Confidentiality (AIC) is often poorly suited to modern OT environments; why safety considerations are more nuanced than simply being “the most important factor”; how patching can be possible in practice; and how isolation is frequently misunderstood. We will examine why these beliefs emerged, what threats they can blind organisations to, and how they limit our ability to modernise, operate efficiently, and defend at scale
The aim is for attendees to leave with:
- A practical model for understanding their OT estate, as a system not just as assets.
- Pragmatic approaches for securely enabling necessary connectivity rather than creating bespoke routes for all new connectivity.
- Why Privileged Access Workstations (PAWs) matter more than ever and how they translate to the OT environment.
- Clear, achievable steps for uplifting brownfield environments without waiting for the next lifecycle refresh.
- A forward-looking vision that looks for operators to demand more of their vendors and integrators, drives vendors to raise their security baseline, and creates space for startups to innovate rather than replicate the past.
The threats are already here, the the old rules won't save us.