“The addition of Sean to head our new OT advisory division enables Secolve to be a sophisticated end-to-end security partner, and guide clients in managing the complex areas of OT and cyber security in a more synergistic and holistic way,” said Secolve founder and CEO Laith Shahin.

“It’s rare to onboard someone with such depth of experience and expertise at a senior management level across such a vast array of industry sectors. Having worked across a range of OT and IT roles, Sean has a unique understanding of the challenges cyber security and OT teams are facing in such a dynamic and diverse environment, and the strategic expertise at both the macro and micro level to help organisations lift their security posture.”

Murdoch has more than 30 years’ experience of working with large critical infrastructure providers in industries such as electricity distribution and generation, water and wastewater, mining and minerals processing, oil and gas, and steel.

His previous roles include Queensland general manager at Sage Group, SCADA and telecommunications manager at Energy Queensland, and OT and digital solutions principal at Jacobs.

Murdoch holds an honours degree in computer engineering from the University of Wollongong, and a master’s in project management and an MBA from the University of Southern Queensland. He holds engineering registrations with Engineers Australia, Professionals Australia, and Professional Engineers of Queensland, and is a fellow if the Institute of Engineers Australia.

“In my experience, it’s often about helping organisations to make a cultural shift to understand the importance of OT within the realm of cyber security, how to implement cyber security controls into the OT ecosystems, and how to integrate OT into the broader business from the top down,” said Murdoch.

“Many businesses lack an OT strategy that aligns with business strategies. OT is still not widely understood by companies’ management and IT departments.

“A typical challenge is the crossover of asset management practices for OT between infrastructure and technology. Traditional infrastructure funding models for OT can tend to lag behind an organisation’s cyber security risk appetite and digital transformation aspirations.

“Transformation in how an organisation manages their OT tends to be required, as well as in how the OT function engages with the business.”

Murdoch said businesses needed to be more proactive in combatting the increasing number of sophisticated and coordinated cyber attacks.

“The new cyber security legislation in response to the growing number of threat actors has also introduced an added layer of complexity in terms of legal compliance, so it is a very high-pressured, high-stakes environment with potential for serious consequences,” he said.

“OT is also one of those areas where a little understanding can be a dangerous thing. You really need to know how one decision will impact another.

“I have seen the gaps in the security posture of large organisations from my previous experience so I am really passionate about applying that knowledge to help organisations to develop good cyber security practices, which is essentially what good OT practices are.”