Events , Governance & Risk Management , GovWare

Quick Wins vs. Long-Term: A New Approach to OT Security Risk

Siemens Energy's Mex Martinot on Phasing Security Controls for Industrial Systems
Mex Martinot, vice president and global head, industrial cybersecurity, Siemens Energy

Industrial control system security leaders face mounting pressure to strengthen their cybersecurity posture amid risks that go far beyond operational disruption. While system downtime remains a primary concern, organizations must also consider liability issues, compliance penalties, reputational damage and human safety risks when prioritizing security initiatives, according to Mex Martinot, vice president and global head of industrial cybersecurity at Siemens Energy.

See Also: Frost Radar™ on Healthcare IoT Security in the United States

The traditional approach of categorizing threats based solely on their severity often leads to analysis paralysis, in which critical but complex issues remain unaddressed while achievable improvements are overlooked. This challenge is compounded by the need to balance security controls with operational efficiency, creating demand for more practical, implementation-focused strategies.

"I came up with this concept called 'road map to resilience,' and it changes the definition if this is a high-priority issue versus it's a big investment … There is a ton of things you can do quickly at no cost," Martinot said. "You need to think of mitigating controls ... it's easy, quick fix versus must be done because of impact."

In this video interview with Information Security Media Group at the GovWare Conference and Exhibition 2024, Martinot also discussed:

  • How to quantify the full impact of security incidents beyond operational disruption;
  • The challenges of aligning IT and OT security cultures and policies;
  • The role of AI and machine learning in improving OT risk assessment.

Martinot leads global growth strategy for industrial cybersecurity at Siemens Energy, focusing on energy sector supply chain security, strategic partnerships and OT security team development. With more than 20 years of experience, he has worked for companies including Hewlett Packard, Dell and EY.


About the Author

Prajeet Nair

Prajeet Nair

Assistant Editor, Global News Desk, ISMG

Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.