Portfolio Gallery
This section focuses on operational technology, industrial control systems, cyber-physical risk, and the security challenges that exist where cybersecurity meets real-world operations.
My interest in OT/ICS security comes from academic exposure to ICS and SCADA concepts in simulated smart grid and lab environments, where cybersecurity risk must be understood alongside availability, safety, uptime, and operational continuity.
OT/ICS focus: These pages emphasize operational impact, asset context, safety awareness, recovery validation, and risk communication — not just traditional IT vulnerability severity.
Featured Case Studies#
ICS IT/OT Application-Level DoS Attack Lab#
A redacted academic lab case study focused on investigating and recovering from an application-level denial-of-service condition affecting a SCADA/OT environment.
Using AI to Translate Vulnerability Risk Between Cybersecurity and OT Operations Teams#
A concept note exploring how AI could help translate vulnerability findings into operationally meaningful language for OT, ICS, cybersecurity, and business stakeholders.
Focus Areas#
Cyber-Physical Risk#
OT/ICS security is not only about vulnerabilities and technical findings. It is also about understanding how cyber risk can affect physical processes, operations, safety, uptime, and business continuity.
Operational Impact
Risk Frameworks#
Notes and projects related to frameworks such as NIST CSF and IEC 62443, especially where they apply to industrial environments and operational security programs.
NIST CSF / IEC 62443
Smart Grid and Critical Infrastructure Concepts#
Writeups related to smart grid security, industrial network segmentation, control system risk, asset context, and the unique challenges of securing operational environments.
Smart Grid
Translating Cybersecurity for Operations Teams#
A major challenge in OT/ICS security is communicating technical findings in a way that engineers, operators, and business stakeholders can act on.
Risk Communication
Planned Articles#
What Makes OT/ICS Security Different from Traditional IT Security#
A planned writeup explaining how availability, safety, physical processes, maintenance windows, and vendor constraints change the security conversation.
Planned
Why Asset Context Matters in Industrial Vulnerability Management#
A planned article focused on why CVSS alone is not enough when an affected asset supports operational processes.
Planned
IEC 62443 Notes for Early-Career Cybersecurity Professionals#
A planned notes page for organizing early-career learning around industrial cybersecurity principles and controls.
Planned