Secolve has appointed Sean Murdoch to its executive team to head the business’s new OT advisory division.
“The addition of Sean to head our new OT advisory division enables Secolve to be a sophisticated end-to-end security partner, and guide clients in managing the complex areas of OT and cyber security in a more synergistic and holistic way,” Secolve founder and CEO Laith Shahin said.
“It’s rare to onboard someone with such depth of experience and expertise at a senior management level across such a vast array of industry sectors. Having worked across a range of OT and IT roles, Sean has a unique understanding of the challenges cyber security and OT teams are facing in such a dynamic and diverse environment, and the strategic expertise at both the macro and micro level to help organisations lift their security posture.”
Murdoch, a qualified engineer, has more than 30 years’ experience working with large critical infrastructure providers in a wide range of industries, including electricity distribution and generation, water and wastewater, mining and minerals processing, oil and gas, and steel.
“In my experience, it’s often about helping organisations to make a cultural shift to understand the importance of OT within the realm of cyber security, how to implement cyber security controls into the OT ecosystems, and how to integrate OT into the broader business from the top down,” he said.
“Many businesses lack an OT strategy that aligns with business strategies. OT is still not widely understood by companies’ management and IT departments. A typical challenge is the crossover of asset management practices for OT between infrastructure and technology. Traditional infrastructure funding models for OT can tend to lag behind an organisation’s cyber security risk appetite and digital transformation aspirations. Transformation in how an organisation manages their OT tends to be required, as well as in how the OT function engages with the business.”
Murdoch said businesses needed to be more proactive in combatting the increasing number of sophisticated and coordinated cyber attacks. “The new cyber security legislation in response to the growing number of threat actors has also introduced an added layer of complexity in terms of legal compliance, so it is a very high-pressured, high-stakes environment with potential for serious consequences,” he said. “OT is also one of those areas where a little understanding can be a dangerous thing. You really need to know how one decision will impact another.
“I have seen the gaps in the security posture of large organisations from my previous experience so I am really passionate about applying that knowledge to help organisations to develop good cyber security practices, which is essentially what good OT practices are.”