Public-interest OT security
Limited nominal-fee and pro bono OT/ICS security reviews for small public-service organizations and community infrastructure.
Systems that matter more than their budget suggests
I reserve limited time for small public-service organizations with thin staffing or old equipment. That can mean schools, clinics, small hospitals, small utilities, community facilities, and local infrastructure operators.
The fit is usually a calm architecture review before the emergency: remote access, segmentation, vendor access, backup paths, monitoring, asset lists, and which risks are worth addressing first.
When the fit is public-interest and budget is the barrier, I scope nominal-fee or pro bono work case by case.
Practical changes before expensive ones
- → Asset and network review for IT, OT, and vendor-managed systems
- → Remote access, account, and logging review
- → Segmentation and firewall rule recommendations
- → Vendor coordination questions for controls, facilities, or IT providers
- → Short action list mapped to operational risk and available staff
How I frame the work
My background is industrial control systems security architecture, platform engineering, and systems engineering. I use that background to help small teams make safer choices and keep the paperwork useful.
When it helps, I can align recommendations to the CISA Cybersecurity Performance Goals, which provide a baseline set of cybersecurity practices for critical infrastructure and small and medium-sized organizations.
Active incidents need your emergency, legal, cyber insurance, and incident-response channels first. I am useful for architecture review, risk reduction, and the practical work that makes the next incident less likely or less damaging.