Every industrial organization has a risk management process on paper. But the standard cycle — identify, assess, treat, monitor, communicate — was built for IT environments, and it breaks in specific, predictable ways the moment it meets OT reality: incomplete asset inventories, maintenance windows that make patching impossible, qualitative scores that can't support a board conversation, and a fundamental tension between security and operational uptime. This session walks through each phase of the risk management cycle, diagnoses exactly where and why it fails in OT, and offers a practical blueprint for rebuilding it around financial quantification, continuous telemetry, and the language that actually moves decisions at the executive level.

As connectivity between IT and OT accelerates, adversaries are exploiting the seams—turning everyday enterprise access into operational disruption. Join FortiGuard Incident Response for an inside-the-trenches look at two real investigations, complete with observed TTPs, victimology, and the decision points that changed outcomes. First, we dissect a multi-year intrusion in which the threat actor quietly weaponized IT footholds to pivot laterally into a customer’s OT environment. Then, we unpack a multinational incident impacted by one of the largest ransomware deployments FortiGuard has encountered, highlighting how scale, speed, and targeting collide. Across both cases, you’ll learn what makes OT so attractive to attackers, the emerging trends reshaping the threat landscape, and the practical prevention takeaways you can apply to reduce risk—before your organization becomes the next war story.

Cybersecurity's impact on industrial control systems and the cyber-physical infrastructure can be complex. During this panel, we will explore the risks and rewards of assessing risk to critical infrastructure and a strategy ahead for plans supporting resilience, response and regulations.

In this panel, cybersecurity leaders from industrial organizations share lessons learned securing OT and critical infrastructure amid rapid AI adoption and an evolving threat landscape. Panelists discuss how real-world incidents are reshaping strategy, how AI changes both defenses and adversary tactics, and how to reduce risk without disrupting operations. Takeaways include governance and accountability, partnering with operations and engineering, third-party exposure, incident readiness, and building measurable resilience across plants and sites.

As the threat landscape continues to expand, securing industrial organizations has the attention of agencies and organizations focused on the mission of protecting critical infrastructure. The supply chain plays an integral role as organizations rethink how they manage risk, adopt policies and governance and protect production environments. This session talks the risk and cost of disruption.

Cybersecurity for any organization is an evolution based on people, process and technology. During this fireside chat, we sit down with a regional industrial leader, to explore the cybersecurity journey at Waste Management. We will discuss how they manage risk for their critical infrastructure and discuss lessons learned as they navigate change to mature their cybersecurity strategy.