2026-04-10 –, Track 2
In Grayzone Warfare: From IT Systems to OT Effects, Ian Thornton‑Trump CD examines how modern cyber conflict operates in the space “between peace and war,” where adversaries pursue strategic advantage without crossing traditional thresholds of armed conflict. Using his established insights into hybrid warfare and cyber‑physical risk, Thornton‑Trump reveals how attacks that begin in enterprise IT environments increasingly cascade into operational technology (OT), critical infrastructure, and industrial control systems.
This session presents cyber incidents as components of intentional grayzone campaigns that blend espionage, disruption, economic coercion, and psychological pressure. Thornton‑Trump demonstrates how weaknesses in identity systems, supply chains, governance, and security visibility are exploited to bridge IT and OT, turning digital access into real‑world consequences—including safety risks, service disruption, and national‑level instability.
Ultimately, this presentation challenges leaders and security professionals to view cyber defense as a matter of operational safety and geopolitical reality—recognizing and countering grayzone activity before IT compromise becomes irreversible OT impact.
Here are my key takeaways:
Cyber Conflict Now Lives Below the Threshold of War
Modern adversaries deliberately operate in the grayzone—conducting cyber operations that avoid attribution, legal response, or escalation.
IT Compromise Is the Gateway to OT Impact
Attacks rarely begin in industrial environments. Instead, identity systems, remote access, supply chains, and poorly governed enterprise IT are used as ingress points, allowing adversaries to pivot toward operational technology.
Cyber Effects Are Increasingly Physical and Strategic
Grayzone cyber operations can produce real‑world outcomes including service disruption, equipment damage, environmental harm, and public loss of trust. These effects deliver strategic leverage while maintaining plausible deniability, making them powerful although limited tools of state and proxy actors alike.
Defenders Must Think Like Strategists, Not Just Technicians
Effective defense requires understanding attacker intent, dwell time, and campaign objectives—not just indicators of compromise.
Ian Thornton-Trump CD is an ITIL certified IT professional with 30 years of experience in IT security and information technology. From 1989 to 1992, Ian served with the Canadian Forces (CF), Military Intelligence Branch; in 2002, he joined the CF Military Police Reserves and retired as a Public Affairs Officer in 2013. After a year with the RCMP as a Criminal Intelligence Analyst, Ian worked as a cyber security analyst/consultant for multi-national insurance, banking, and regional health care verticals. With a deep background in cyber threat intelligence Ian was previously the CISO for Cyjax Ltd., a UK based threat intelligence provider to enterprise customers. As a CISO at Inversion6 Ian’s role is to spearhead the efforts to duplicate the success of Inversion6 USA by offering fractional CISO and advanced cyber security solutions in the UK and EU markets. Ian has deep experience with the threats facing small, medium and enterprise businesses. His research and experience have made him a sought-after cyber security consultant specialising in building security operations providing services as a vCISO, and sharing his passion for building effective threat intelligence programs for small, medium, and enterprise organisations.