Presenter:
Industrial security is fundamentally broken—not because teams aren’t trying, but because they’re learning the wrong lessons from failure. The path forward is to embrace failure as a learning mechanism instead of hiding it or treating it as an endpoint.
Key takeaways
- Failure is constant—and necessary
  - In OT environments, things will break. The goal isn’t perfection—it’s learning faster than the attacker and adapting in real time.
- The industry hides its mistakes
  - Failures don’t get shared
  - Near-misses and lessons learned stay buried
  - Everyone keeps repeating the same errors as a result
- OT security is learned, not installed
  - You can’t secure what you don’t understand
  - IT-style controls fail when applied blindly to industrial systems
  - Real understanding comes from hands-on experience with how plants actually run
- The IT/OT gap is still the root problem
  - IT teams don’t understand physical consequences
  - OT teams don’t always understand cyber risk
  - That disconnect creates fragile, exploitable environments
- Training needs to mirror reality
  - Lab work, simulations, and failure scenarios matter more than theory
  - Practitioners need to see how attacks translate into physical impact
- Resilience > prevention
  - You won’t stop everything
  - What matters is how systems respond, recover, and keep operating
