Podcast

Navigating OT security procurement in geopolitically instable times

Danish OT security consultant Søren Knudsen discusses the challenge of OT security procurement in light of current geopolitical tensions. He and host Klaus Mochalski explore how procurement processes have shifted, the importance of due dilligence in procurement processes, and the risks associated with relying on foreign vendors.

Duration:
23 min

Guest in this episode:

Søren Egede Knudsen
Senior Cyber Security Consultant

Listen to us also on:

Spotify ButtonApple Podcast Button

Transcript

Keywords

OT security, procurement, geopolitical risks, cybersecurity, critical infrastructure, product selection, European vendors, Kaspersky, supply chain, USA, Russia, China, Israel

Summary

Danish OT security consultant Søren Knudsen discusses the challenge of OT security procurement in light of current geopolitical tensions. He and host Klaus Mochalski explore how procurement processes have shifted, the importance of due dilligence in procurement processes, and the risks associated with relying on foreign vendors.

Takeaways

Hardware and software procurement becomes a matter of business continuity.

Often managers are too afraid to make a wrong decision in procurement, so they choose the market leader without actually looking.

Companies become more and more cautious about sourcing equipment from certain countries due to geopolitical tensions or ethical questions.

The importance of understanding the risks associated with specific vendors is crucial.

Organizations should conduct thorough research on available products before making decisions.

In particular, US and Israeli vendors often put more money into marketing including being cited in high-impact market research reports.

Smaller vendors can offer competitive solutions that meet specific needs.

There is a growing interest in European-developed security products.

Sound Bites

It's not easy for some companies to switch technology at ones, especially the big ones. So it's more a question of how can we protect those possible vulnerabilities?

It was actually a surprise for me how many non-US, non-Israeli or non-Chinese products for OT security exist. You need to ask yourself: Do I want to use a bit more time to find out?

Doing a requirement specification is fine, but sometimes you add too much from products you're used to or you know of. Instead, find what is actually on the market.

Chapters

00:00 Introduction  

01:10 Shifts in OT security procurement strategy

09:17 How to become sovereign in OT procurement

17:20 Understanding Risks in Product Selection

22:25 Closing Thoughts

Share on
Facebook Icon weissLikedIn Icon weissXing Icon

You might also be interested in these podcasts

Jun 19, 2025
25 min

Who is responsible for cybersecurity at wind parks?

Mohamed Harrou, OT security engineer at energy supplier Amprion, explains the added value of OT security in wind farms and PV systems. With 12 years of experience in renewable energy systems, he provides practical insights into the technological and organizational challenges of modern wind parks and gives a surprising and rather unsettling answer to the question of responsibilities.

Listen now
Jun 3, 2025
27 min

What do we need to deter insider threats?

Mandana White, CEO of Smart Grid Forums, talks about the rise of insider threats to a company’s cybersecurity and what it has to do with the cost-of-living crisis as well as the Western Robin Hood mentality. Diving a bit into societal psychology and politics there might even be a bit to learn from – of all places – Dubai to get IT and OT cybersecurity working in both companies and society.

Listen now
May 22, 2025
19 min

How to build a SIEM SOC in OT?

Zeek Muratovic, Director of Security Operations at Landis+Gyr talks about the first steps to build a SIEM SOC in OT environments. Being a pragmatist, he proposes a step-by-step approach that prevents OT operators from overkilling their budget AND workload.

Listen now
Anne Grätz

Get in touch with us

Write or call us to discuss your requirements for OT cybersecurity and intrusion detection.
Contact us