Welcome to My Blog: Unlocking Industrial Cyber Security

Who Am I?

Hi, I’m Ashley — an OT Infrastructure Engineer with a strong focus on industrial cybersecurity, networking, and compliance. Over the years, I’ve worked across various IT and OT environments, helping to protect critical infrastructure in demanding industrial settings.

I began my career in traditional IT roles, developing core skills in network administration, IT security, and systems management. Eventually, I transitioned into more specialised roles, focusing on the unique challenges of industrial control systems (ICS) and industrial automation and control systems (IACS). Since then, I’ve been applying frameworks like OG86 to help organisations build resilient and secure OT environments.

What I Bring to the Table

Throughout my career, I’ve had the opportunity to work in diverse roles across multiple sectors. As a result, I’ve developed a wide-ranging skill set in industrial cyber security. Specifically, my experience includes:

• Leading IT and OT security strategies for safeguarding critical infrastructure
• Managing end-to-end network projects, including risk assessments and redundancy plans
• Securing OT environments by protecting both systems and automation layers
• Implementing IT/OT security policies and compliance frameworks
• Supporting OG86 audits while driving long-term cyber maturity

Moreover, I’ve worked closely with engineers, technicians, and compliance professionals to bridge the long-standing gap between IT and OT, which still creates security challenges in many organisations today.

Why I Started This Blog

Let’s be honest — industrial cyber security is still a closed world. Unlike IT security, which benefits from countless open forums, playbooks, and collaboration, OT security tends to be more guarded. Resources are limited, and it’s often difficult to find insights that apply to real industrial settings.

That’s precisely why I created this blog.

Here, I aim to share practical knowledge, real-life experience, and lessons learned from working in the field. Whether you’re an OT engineer, an IT pro stepping into the OT space, or simply someone curious about how security works in critical infrastructure, this blog is for you.

What You’ll Learn Here

In the future, I’ll be covering a variety of topics, including but not limited to:

• OG86 Compliance: What it means and how to achieve it
• The Purdue Model: Understanding segmentation through its layers
• Monitoring & Detection: Building a continually monitored OT network
• IACS Best Practices: Security guidance for industrial control systems
• IT & OT Collaboration: Bridging the cultural and technical divide
• Asset Inventory: Why it’s essential and how to do it right
• Network Segmentation: Firewalls, DMZs, and layered defence strategies
• Common OT Threats: Identifying and mitigating industrial vulnerabilities
• Patching Legacy Systems: Reducing risk without disrupting operations
• Incident Response: Planning for and managing cyber events in OT

Each post will be designed to give you practical takeaways — not just theory.

Let’s Talk

Cybersecurity in industrial environments is a journey, not a checklist. That’s why I believe sharing knowledge is essential. So, if you have questions, feedback, or even a topic suggestion, I’d love to hear from you.

We can build a more open, informed, and secure industrial community.

Thanks for reading, and stay tuned for what’s next.