Failing Forward in Industrial Security

Presenter: Mike Holcomb

Industrial security is fundamentally broken—not because teams aren’t trying, but because they’re learning the wrong lessons from failure. The path forward is to embrace failure as a learning mechanism instead of hiding it or treating it as an endpoint.

Key takeaways

  • Failure is constant—and necessary
    In OT environments, things will break. The goal isn’t perfection—it’s learning faster than the attacker and adapting in real time.
  • The industry hides its mistakes
    • Failures don’t get shared
    • Near-misses and lessons learned stay buried
    • Everyone keeps repeating the same errors as a result
  • OT security is learned, not installed
    • You can’t secure what you don’t understand
    • IT-style controls fail when applied blindly to industrial systems
    • Real understanding comes from hands-on experience with how plants actually run
  • The IT/OT gap is still the root problem
    • IT teams don’t understand physical consequences
    • OT teams don’t always understand cyber risk
    • That disconnect creates fragile, exploitable environments
  • Training needs to mirror reality
    • Lab work, simulations, and failure scenarios matter more than theory
    • Practitioners need to see how attacks translate into physical impact
  • Resilience > prevention
    • You won’t stop everything
    • What matters is how systems respond, recover, and keep operating
