Incident response in OT: when the response becomes the risk

Incident response in OT: when the response becomes the risk

In this episode of Talk OT To Me, Jesper and Justin tackle one of the most challenging topics in industrial cybersecurity: incident response in Operational Technology (OT). Having an incident response plan is one thing. Knowing how to execute it when production, safety, and business continuity are on the line is something entirely different. The conversation explores why OT incidents can't be treated like IT incidents, how poor visibility and unclear ownership slow down decision-making, and why tabletop exercises often reveal critical gaps in preparedness. They also discuss real-world examples, the growing impact of AI-driven attacks, regulatory pressures such as NIS2 and the Cyber Resilience Act, and why collaboration between IT, OT, engineering, operations, and leadership is essential. Key topics include: * Why most incident response plans fail in practice * The unique challenges of responding to cyber incidents in OT environments * How visibility gaps create dangerous delays * Lessons from real-world OT incident response scenarios * The impact of AI on attack speed and defender readiness * Compliance, liability, and regulatory requirements * Why OT incident response is ultimately an engineering and business problem—not just a cybersecurity problem If your organization believes it's prepared for an OT cyber incident, this episode will challenge you to ask a simple question: When was the last time you actually tested the plan?

OT supply chain security: who's really in your factory and why that’s the next big blind spot

This episode explores the complexities of OT supply chain security, emphasizing the importance of trust, asset management, and proactive risk mitigation in industrial control systems. Justin and Jesper discuss real-world threats, best practices, and strategic steps for enhancing cybersecurity in operational technology environments. Key Topics * OT supply chain complexity and trust chain * Risks of long-term asset management and legacy systems * Best practices for supply chain security and risk mitigation

Trust no one: Why OT needs its own identity

The conversation delves into the complexities of identity management for IT and OT, emphasizing the need for separate identity management to address different requirements and risks. It also highlights the importance of network segmentation, access control, and auditing for securing OT environments. Additionally, the human factor is identified as a significant vulnerability in cybersecurity, emphasizing the need for training and awareness. The practical approach to identity management is discussed, considering the cost and resources involved in implementation. Takeaways * Identity management for IT and OT should be separated to address the different requirements and risks. * Network segmentation and access control are crucial for securing OT environments. * The human factor is a significant vulnerability in cybersecurity, and training and awareness are essential for mitigating risks.

Special: S4x26 + ManuSec Europe insights

The ManuSec Europe 2026 and S4x26 conferences provided valuable insights into the current state and future of OT security. Key themes included the rise of remote access, compliance standards, trust, AI, pen testing, and the need to validate humanity in the context of cybersecurity. These themes shed light on the challenges and opportunities in the OT security landscape. In this episode, Jesper and guest Jeffrey discuss their takeaways from being present in those conferences.

IT vs OT: Friends or frenemies?

The conversation delves into the historical relationship between OT and IT, the challenges of integration, and the crucial role of leadership and personnel in bridging the gap. It also highlights the responsibility of vendors in providing tools that facilitate collaboration and the need for a shift towards a more collaborative and friendly relationship between OT and IT. Takeaways * OT and IT have historically been frenemies, but are moving towards a more collaborative and friendly relationship. * Leadership, personnel, and strategic team-building are crucial in bridging the gap between OT and IT. Chapters * 00:00 Introduction and Background * 05:03 Challenges of IT-OT Integration * 34:06 Tooling and Vendor Responsibility