Webinar Description
Key Takeaways
- Live webcast examining methods for strengthening Operational Technology defences in industrial environments
- Features insights from the 2026 GigaOm Radar for OT Security report evaluating 22 security solutions
- Addresses the visibility gap between IT and OT environments that creates security blind spots
- Covers agentless asset discovery, threat detection, and the shift from passive monitoring to active protection
- Designed for CISOs, security architects, OT/IT managers, and compliance officers in critical infrastructure sectors
Introduction
Industrial organisations face mounting pressure to secure operational technology environments that were never designed with cybersecurity in mind. The webcast “Securing the Modern IT/OT Attack Surface,” scheduled for 29 July 2026, brings together GigaOm Analyst Chris Ray and runZero CEO HD Moore to examine practical approaches for hardening OT defences. The session targets security professionals responsible for critical infrastructure, including those working in manufacturing, utilities, energy, and transportation sectors where the convergence of information technology and operational technology has dramatically expanded the attack surface.
The timing reflects broader industry concerns about OT security maturity. As industrial control systems become increasingly connected to enterprise networks and cloud platforms, traditional air-gapped security models have become obsolete. Organisations now require unified visibility across environments that span decades-old programmable logic controllers and modern cloud-connected sensors, creating complex security challenges that demand new approaches.
About This Event
This live virtual webcast combines expert presentations with analyst research to provide attendees with both strategic perspective and tactical guidance. The session centres on findings from the 2026 GigaOm Radar for OT Security report, an independent evaluation of 22 leading OT security solutions. The report assesses vendors based on their capabilities, deployment complexity, and ability to protect sensitive OT environments without disrupting industrial operations—a critical consideration given that unplanned downtime in manufacturing or utility environments can result in significant financial and safety consequences.
The format allows security leaders to gain insights from both an independent analyst perspective and a practitioner viewpoint, offering a balanced examination of the current OT security landscape and emerging best practices.
Bridging the IT/OT Visibility Gap
A central theme of the webcast is the persistent visibility challenge that plagues industrial security programmes. Many organisations struggle to maintain accurate inventories of OT assets, leaving security teams unable to protect systems they cannot see. This blind spot becomes particularly problematic as threat actors increasingly target industrial environments, recognising that compromised OT systems can cause physical damage, production disruptions, and safety incidents that extend far beyond data theft.
The session explores agentless asset discovery techniques that can identify and catalogue OT devices without requiring software installation on sensitive industrial systems. This approach addresses a fundamental tension in OT security: the need for comprehensive visibility balanced against the risk of disrupting fragile legacy systems that may not tolerate traditional security tools. Protocol stack reverse engineering enables discovery tools to communicate with industrial devices using their native protocols, gathering detailed asset information without triggering operational disruptions.
Establishing a unified view across IT, OT, and cloud environments creates what practitioners describe as a single source of truth—a consolidated asset inventory that enables security teams to understand their complete attack surface rather than managing disconnected silos of information.
From Passive Monitoring to Active Protection
The webcast addresses an important evolution in OT security philosophy. Early approaches to industrial cybersecurity emphasised passive monitoring—observing network traffic and alerting on anomalies without actively intervening in OT operations. While this cautious approach reflected legitimate concerns about disrupting sensitive processes, the escalating threat landscape has pushed organisations toward more active defensive postures.
Modern OT security strategies increasingly incorporate automated threat detection and response capabilities that can identify and contain threats before they propagate across industrial networks. This shift requires careful implementation, as automated responses must be calibrated to avoid causing the very disruptions they aim to prevent. The session examines how organisations can implement active protection measures while maintaining the operational stability that industrial environments demand.
Risk prioritisation emerges as a critical capability in this context. With limited security resources and extensive asset inventories, organisations must focus remediation efforts on vulnerabilities that pose the greatest operational and safety risks. Effective prioritisation requires understanding not just technical severity scores but also the business context of affected systems—a controller managing a critical safety function warrants different treatment than one supporting a non-essential process.
Regulatory and Compliance Considerations
Industrial organisations operate under increasingly stringent regulatory requirements that mandate specific security controls for critical infrastructure. The webcast addresses compliance challenges that security teams face when implementing OT security programmes, particularly in sectors such as energy and utilities where regulatory frameworks impose detailed requirements for asset management, vulnerability assessment, and incident response.
Compliance obligations often drive OT security investments, but effective programmes extend beyond checkbox exercises. Organisations that treat compliance as a minimum baseline rather than an end goal typically achieve stronger security outcomes while also satisfying regulatory requirements. The session explores how visibility and asset discovery capabilities support both compliance documentation and genuine security improvements.
Who Should Attend
The webcast serves security professionals across technical and executive roles who bear responsibility for industrial and critical infrastructure environments. Chief Information Security Officers and security architects will find strategic value in understanding how OT security solutions are evolving and how independent analysts evaluate vendor capabilities. OT and IT security managers gain practical insights into discovery techniques and protection strategies that can inform operational improvements.
Compliance officers benefit from understanding how modern OT security tools support regulatory requirements, while procurement decision-makers can use the GigaOm Radar findings to inform vendor evaluation processes. The content assumes familiarity with enterprise security concepts but does not require deep OT expertise, making it accessible to IT security professionals expanding their responsibilities into industrial environments.
Organisations in manufacturing, utilities, energy, and transportation sectors represent the primary audience, though the principles discussed apply broadly to any environment where operational technology systems require protection.
The Evolving OT Threat Landscape
Industrial cybersecurity has matured significantly as threat actors have demonstrated both capability and intent to target operational technology. High-profile incidents affecting critical infrastructure have elevated OT security from a specialised concern to a board-level priority at many organisations. The hyper-connected nature of modern industrial environments—where sensors, controllers, and enterprise systems share network infrastructure—means that compromises in one domain can rapidly propagate to others.
Real-time threat intelligence tailored to industrial environments helps security teams understand emerging attack techniques and indicators of compromise specific to OT protocols and devices. This specialised intelligence complements traditional IT-focused threat feeds, providing context that generic security tools may lack when monitoring industrial networks.
The webcast positions automated resilience as an essential capability for organisations that cannot afford extended recovery times following security incidents. Building resilience requires not just detection and response capabilities but also the visibility foundation that enables rapid assessment of incident scope and impact across complex industrial environments.

