Events
,
Governance & Risk Management
,
Operational Technology (OT)
Dragos’ Robert Lee on Why Ransomware Groups Target OT for Faster, Larger Payouts
Organizations struggle to monitor and protect their operational technology environments as systems become complex and interconnected. This visibility gap presents a significant challenge as adversaries specifically target these environments for maximum impact and financial gain.
See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical
“We’re seeing a lot more digitization and automation being put into [OT systems]. The more digital, the more connected and the more complex these operations environments become, the more attack surface there is,” said Robert Lee, co-founder and CEO of Dragos. “Criminals understand they get paid faster and more if they hit operations. So, they’re going after operations.”
In this video interview with Information Security Media Group at RSAC Conference 2025, Lee also discussed:
- The growing need for government and board-level awareness of OT security risks;
- Why organizations must implement east-west visibility to detect threats inside operations networks;
- How to make judicious decisions amid unreliable vulnerability advisories and threat intelligence.
Under Lee’s leadership, Dragos became the first ICS/OT cybersecurity unicorn, valued at $1.7 billion. Prior to Dragos, he worked at the NSA, where he pioneered the first ICS/SCADA threat intelligence mission. Lee has led investigations into major cyberattacks, including the 2015 Ukraine power grid incident and the 2021 Colonial Pipeline ransomware attack. Lee is on the Department of Energy’s Electricity Advisory Committee and is a member of the World Economic Forum’s cyber resilience initiatives.