The ITSPmagazine Podcast

When OT Goes Down, the Clock Is Already Running | A Brand Highlight Conversation with Rob Demain, CEO & Founder of e2e-assure | Hosted by Marco Ciappelli

Episode Summary

When a production line stops, the financial damage is immediate -- and the window to respond safely is narrower than most security teams realize. Rob Demain, CEO and Founder of e2e-assure, joins this Brand Highlight to explain why OT security demands a fundamentally different mindset than IT, and what organizations can do about it.

Episode Notes

Operational technology runs the infrastructure that keeps the world moving — manufacturing floors, power grids, air traffic control systems. Rob Demain founded e2e-assure in 2013 and has spent the past seven years narrowing its focus to one discipline: SOC and MDR services. He calls it "specificity" — the principle that doing one thing with precision delivers better outcomes than spreading resources thin.

In IT security, the primary concern is data. In OT, the stakes are entirely different. Downtime is the real threat. For a manufacturing business, minutes of halted production translate directly into significant financial loss. That distinction changes everything about how security teams must respond. The "safety first" rule in OT means responders sometimes have to run alongside a threat rather than immediately neutralize it — because disconnecting systems could halt the production line entirely.

The most common attack path into OT environments runs through IT: adversaries compromise IT first, then move laterally into OT systems. Supply chain risk is the second major vector. Firmware updates, software patches, and third-party management systems all represent potential entry points. Detection takes longer too — OT systems often lack the endpoint tools that trigger fast alerts, leaving threats to surface as subtle pattern deviations over extended periods.

This is a Brand Highlight — a short introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

GUEST
Rob Demain, CEO & Founder, e2e-assure
LinkedIn: https://uk.linkedin.com/in/rob-demain-01733468

RESOURCES
e2e-assure website: https://e2e-assure.com
OT Downtime and Remediation Gaps Research: https://e2e-assure.com

Episode Transcription

Marco Ciappelli [00:00:20]: Hello. Welcome everybody. This is a brand highlight. We got about five minutes to talk about very important things and we're gonna do that with Rob here from e2e-assure. And they just produced research that is about the OT downtime and the remediation gaps. So welcome to this brand highlight, Rob.

Rob Demain [00:00:40]: Thank you very much.

Marco Ciappelli [00:00:41]: Yeah. So let's start with a little bit about you and an elevator pitch for the company so we understand what you guys do.

Rob Demain [00:00:48]: Sure. Yeah. So I founded the company back in 2013 as a cybersecurity company. We did many things to begin with, but over the last seven years, we just do SOC and MDR. So we're very, very focused at detecting and responding to cyber attacks as our business and we call it specificity. So by being -- doing one thing really well, that's our focus. And in delivering that mission, we cover IT and OT, including what's called critical national infrastructure, which is things like power, air traffic control, things that are critical as well as manufacturing typically, where operational technology is absolutely critical and often connected to IT in some way.

Marco Ciappelli [00:01:20]: So in this research, pretty much, what are the things that stood out the most for you and that are relevant for your customers?

Rob Demain [00:01:28]: Yeah, I think that the most important thing to take away is in operational technology, it's downtime. That is the big killer -- not so much data theft -- that is the real worry. So in IT, a lot of the focus is on data theft, data loss prevention, worried about being fined. In Europe, we have GDPR, we can get fined for data loss if it contains personally identifiable data. In operational technology, the focus is all around uptime and availability. If you're a manufacturing business, the part of your technology which is driving that production plant must keep going. And that might cost you a lot of money for minutes of downtime, while in IT we can probably live with a few minutes of downtime. The internet's not working, whatever -- the focus is often on compliance and on data loss. Clearly there can be ransomware in both, but it's much more critical, the downtime. You're much more sensitive to downtime in operational technology.

Marco Ciappelli [00:02:20]: So what is important here is how quickly you can react and fix whatever has caused this downtime. So what is the gap there? Action and reaction, let's put it this way.

Rob Demain [00:02:32]: So it's really interesting because we have a rule called safety first. In OT, you do not want to stop OT, so you can't put a preventive action in that may break OT. So in IT we might disconnect the internet or disconnect people's accounts or do those kind of actions in a response scenario to a cyber attack. In operational technology, sometimes we're rolling with the threat because we don't want to do something that could break the production line while we're trying to stop the threat itself. So you've got a very different way of managing threats in operational technology, and often the big threat at the moment, the big war at the moment, is that most threats towards operational technology have never been motivated to destroy that technology -- they've been more motivated to listen and learn and steal IPR. And the worry is that if those things, due to political reasons or whatever, turn destructive -- those kind of long-term threats, those APT actors turn destructive -- that is a really big risk to OT.

Marco Ciappelli [00:03:20]: And the time, right -- the time to realize that something has happened, it's still quite long.

Rob Demain [00:03:27]: That's correct. The time to detect in OT is generally longer. What you find is that you find deviations in patterns in OT, and that may emerge over a long period of time. A lot of OT systems don't have the direct threat detection technology that would light up very quickly. So often you are looking at much more subtle signals in OT, because you can't put an EDR on an OT device -- it doesn't support it, it doesn't have that type of operating system. There's a big gap there.

Marco Ciappelli [00:04:00]: Yeah, that's important. And in the minute that we have left, let's talk about how these attacks are actually carried out. So how do they actually get in -- phishing, malware, ransomware -- and of course, if you want to throw some numbers in there. And of course, if you have a message for people who want to learn more and start working with you and your company, the mic is yours.

Rob Demain [00:04:20]: The main ways in from IT to OT -- so compromising IT then moving laterally, moving from IT to OT -- that is the most typical way. The next typical way is supply chain, so that could be software updates or firmware updates to the OT system that introduce something. It could be third-party management systems -- the people who support the technology being compromised. So supply chain risk and IT risk both create the major problems for OT technology. And my message to everyone is: read the report, enjoy it, have a look, think about how important operational technology is and the availability of it. Get in touch. You can find me on LinkedIn. Just get in touch, drop us a note and we can have a chat.

Marco Ciappelli [00:05:20]: And your website -- e2e-assure.com.

Rob Demain [00:05:24]: e2e-assure.com. You'll find us on LinkedIn, our website -- get in touch. Good people to work with and we really know our stuff.

Marco Ciappelli [00:05:33]: There you go. So everybody listening, if you want to learn more about this, get in touch with Rob and visit the website. All the notes will be pointing to the right places. So thank you for listening and stay tuned for another brand highlight. Thanks again, Rob.