SOC-as-a-service provider, e2e-assure, announced appointment of Ian Henderson as OT security advisor to support the company’s growing OT (operational technology) security offering. A volatile geopolitical landscape, increasing legislation such as the upcoming Cyber Security Resilience Bill, and evolving attacker tactics and techniques are putting increasing pressure on OT security teams.
To respond to growing demand, e2e-assure has been investing in its OT portfolio, adding new capabilities such as 24/7 unified IT/OT detection and monitoring, and making strategic hires in the space. Ian joins e2e-assure from BP, where he built and led a world-class OT security function and advised board-level and C-suite executives on cyber risk, resilience, and safety.
Henderson will support the protection of OT systems in critical national infrastructure (CNI), industrial, and regulated sector environments. The appointment comes at a time when critical utilities and manufacturers are increasingly experiencing the real-world impact of targeted attacks, with Jaguar Land Rover and Southern Water most recently falling victim to ransomware incidents.
Henderson will support building resilience into these organisations by providing insights and practical approaches to OT operators at different stages of security maturity. He will advise on how to balance safety, availability, and security and accelerate OT/IT convergence, without introducing operational risk, and improve their resilience in the face of rising threats and complex legislation.
The upcoming Cyber Security Resilience Bill (CSRB) is just one piece of new legislation that many OT operators will need to navigate. The CSRB will be applicable to any organisation deemed as ‘critical’ if their failure could disrupt essential services, which many OT operators, especially CNI, will fall under.
Preparing to comply with legislation will be a significant challenge to many OT operators. Henderson brings experience of developing industry standards for Global Information Assurance Certification’s Global Industrial Cyber Security Professional (GIAC GICSP), a steering group that advises upon the creation and update of professional security qualifications for the industrial control community.
Henderson’s commitment to raising the bar across the industry means he goes beyond helping organisations achieve compliance – he works with them to build genuinely resilient cybersecurity strategies. With Henderson on board, OT operators can feel confident they have a partner focused not just on meeting requirements, but on strengthening long-term operational resilience.
“e2e-assure is pioneering OT specialisation just as the market really needs those specific skills and experience,” explains Henderson. “OT environments need expert support to manage their IT/OT convergence and to meet increasingly complex legislation. It’s not feasible for every organisation to build out a full security operations centre, so being able to help organisations scale their security operations so they can operate at the same level as a highly mature enterprise is a key value I see e2e-assure providing. I’m looking forward to providing more credible, outcome-focused OT security guidance and contributing to service design and assurance models that reflect how industrial environments actually function.”
He added that the aim is to enable customers to move from reactive security to resilient, risk-informed operations.
Speaking about the appointment, Rob Demain, CEO of e2e-assure, comments: “OT systems are now woefully exposed across numerous sectors, so it’s imperative that these organisations take swift and immediate action to address the burgeoning threat of attack. Ian’s IT and OT expertise will prove invaluable in helping our customers to identify areas of risk and put in place policies and technical controls that provide clear, business-relevant outcomes for CEOs, boards, and regulators.”
