OT Security for IT Professionals

An Introduction to Industrial Cyber Controls

Written by Edward Amoroso, CEO of TAG Cyber & Andrew Ginter, Vice President of Industrial Security at Waterfall Security

As a globally recognized expert in the field of industrial control systems security, Andrew Ginter often observes that a common approach to industrial cybersecurity is to protect operational technology (OT) with the same tools and approach as we use when we protect information technology (IT). Demystifying this concept is the topic handled in this series of articles. Recruiting Dr. Edward Amoroso – a veteran cyber and information security professional, professor and author – these two savvy professionals sat down and wrote a series of articles that every IT professional charged with industrial cyber controls should read. 

Program Outline:

  • Article #1 – an overview of the OT landscape, including an outline of the influential Purdue model
  • Article #2 – an insight into how hackers have had success to date breaking into operational systems
  • Article #3 – outline of the SCADA vulnerabilities associated with typical physical bus architectures
  • Article #4 – how innovations such as unidirectional gateways can be used to protect industrial networks from Internet-exposed IT networks
  • Article #5 – a glimpse into the future of OT and SCADA systems in critical infrastructure


“Learning operational technology security in the context of the Internet of Things is not particularly difficult,” Dr. Amoroso explained, “but does require a slightly different mindset than is required for traditional cyber security”.

Fill out this form to access handbook:

Fill out this form to access handbook: