Cybersecurity and AI Across IT-OT Automation Stack - Monthly Digest # 3

[ST # 74] ✅ My YouTube Videos, Trends & Risks, Why CXOs should care, recommended actions across the Cloud, ERP, DMZ, MES, SCADA, HMI, PLC/Edge, layers and references. 🚀 [Securing Things by M. Yousuf Faisal]

Author

M. Yousuf Faisal
August 13, 2025

In partnership with

Disclaimer: All views presented here, in this newsletter, are my own.

Author or the newsletter are not liable for any actions taken by any individual or any organization / business / entity. The information provided is for education and awareness purposes only and is not specific to any business and or situation.

M. Yousuf Faisal

Hey there,

Hope you are doing well.

This is Cybersecurity & AI across IT-OT Automation Stack - Monthly Digest # 3. 

✍️↪️ In this newsletter:

TL;DR — Summary

  • AI is now a security axis across the stack. Cloud AI workloads and model supply chains introduce new integrity and provenance risks that must be mitigated alongside traditional IT / OT controls.

  • ERP remains a top ransomware vector for manufacturers. A high percentage of ransomware incidents touch ERP systems — treat ERP hardening as high priority for business continuity.

  • Standards & guidance have advanced. ISA/IEC 62443 updates and NIST OT guidance continue to refine program-level and technical controls for IACS/OT. Use these as the program spine.

  • OT-specific advisories keep arriving. CISA/CERT vendor advisories (recent Schneider / CISA ICS advisories and multiple CVEs affecting PLCs / controllers) mean patch + segmentation programs must be operationalized.

  • Practical priority: inventory (including models & data), isolate and protect ERP and OT control planes, implement DMZ controls between IT/OT, embed AI security lifecycle controls, and prepare tested recovery playbooks.

  • 📘Conclusions for CDO / CIO and CISO’s.

  • ‼️ And some references.

But before we begin, do me a favour and make sure you “Subscribe” to let me know that you care and keep me motivated to publish more. Thanks!

Ready? let’s dig in.

Yours truly.

— Yousuf.

Note:

Some email service providers (ESPs) (e.g., Gmail / google) may clip a portion of the post after a certain length; in that case, make sure to checkout the online version by going to top right corner of the email and clicking the “Read Online” or link here.

Together With (Sponsor)

How can AI power your income?

Ready to transform artificial intelligence from a buzzword into your personal revenue generator

HubSpot’s groundbreaking guide "200+ AI-Powered Income Ideas" is your gateway to financial innovation in the digital age.

Inside you'll discover:

  • A curated collection of 200+ profitable opportunities spanning content creation, e-commerce, gaming, and emerging digital markets—each vetted for real-world potential

  • Step-by-step implementation guides designed for beginners, making AI accessible regardless of your technical background

  • Cutting-edge strategies aligned with current market trends, ensuring your ventures stay ahead of the curve

Download your guide today and unlock a future where artificial intelligence powers your success. Your next income stream is waiting.

Quick recap from previous Digests!

✍️ In Digest # 0, we covered basics around the IT-OT automation stack and its importance and relevance to building a competence framework for the next generation of IT & OT cyber professionals, whether they are Solution Architects and or Security Architects. Also shared some initial thoughts on the coverage across the project lifecycle stages.

✍️ In Digest #1, we covered brief introduction to each layer of IT-OT automation stack, related Purdue levels, industry 3.0 vs. 4.0 differences, insights, risks and threats, and few interesting resources on Cybersecurity and AI.

✍️ In Digest #2, we outlined a Competence Framework for both an Cybersecurity & AI architects / professionals as well as Industry 4.0 solution architects / professionals.

↪️ Let us know, in the future Digest # 4, what you’ll want me to cover more?

My YouTube Videos

In case you’ve missed, I’ve recently posted a couple of videos on YouTube.

Parallels between Digital Transformation & IT OT Cybersecurity Strategies (a 20-Minute Masterclass!)

In this ⏳20-minute short Masterclass, M. Yousuf Faisal (20+ years in IT/OT cyber) explains steps for #DigitalTransformation and #Cybersecurity Strategy execution and drawing parallels between the two.

Learn how to treat these not as separate projects but as a journey.

Getting Started in IT/OT Cybersecurity - A 3 Phase & 12 Steps Blueprint

This is for the following different persona types:

  • A recent graduate or learner- interested in getting started in IT/OT Security.

  • An IT security professional - interested in getting started in OT Security.

  • An automation professional - interested in getting started in OT security.

  • An experienced professional from a non-IT/Security/Automation field - interested in getting started in IT/OT security.

OT Cybersecurity Requirements Specification Dos and Don'ts

Deadly Sins (Common Mistakes) & Quick Wins (recommended fixes) for Industrial environments 🚨- You Can’t Afford to Ignore! Plus🚨

Cybersecurity Levers - Secure By 3Ds (Demand, Design & Default) - The Trifecta for Organizations

Explains what they mean? Why should you care? & how to leverage these to protect your business / industrial operations.

To continue reading about each layer of the automation stack for Trends/Risks, Why CXOs should care and immediate actions, subscribe and access for free.

Subscribe to keep reading

This content is free, but you must be subscribed to Securing Things Newsletter to continue reading.

I consent to receive newsletters via email. Terms of use and Privacy policy.

Already a subscriber?Sign in.Not now

Reply

or to participate.