MCTTP – Munich Cyber Tactics Techniques and Procedures

Dr. Klaus Kursawe

OT Security Expert

Dr. Klaus Kursawe received his PhD from the University of Saarbruecken in collaboration with the IBM Research Labs in Zurich in 2001, working on issues of securely distributing services over unreliable networks. He worked at IBM until 2003 on various issues around Trusted Computing, which he also worked on when moving to the Katholieke Universiteit in Leuven. From 2006 till 2010, he was a Senior Researcher at the Philips laboratories in Eindhoven, where he headed the "Trusted Systems and Services Cluster". In this context, he started working on security aspect and standards around the 'Smart Grid', which he continued after changing to teach at Radboud University. In 2012, he co-founded the European Network for Cyber Security, where build ip the research and development activities for critical infrastructure security until 2016. Since then, he has worked as a consultant for critical infrastructure security for both infrastructure owners and security providers, and been involved in two startups on decentralized services.

Dr. Kursawe is a frequent speaker on both academic and industry conferences, and has been involved in various EU and US working groups as well as standardisation groups around security.

talks & Q&A

Beyond OT Security: Towards Resilience in Critical Infrastructure

Description:

The security of Operational Technology (OT) systems—particularly in critical infrastructures such as the electricity grid—faces challenges that differ fundamentally from those of traditional IT environments. While notable progress has been made in recent years, the gap remains significant, leaving key questions on how to effectively address OT security still unresolved.

At the same time, the threat landscape has evolved considerably. The current geopolitical situation has increased both the focus on critical infrastructure and the aggressiveness of attackers, as illustrated by incidents such as the (likely Russian) attack on the Polish power system in December 2026. These developments highlight the need to move beyond a purely cybersecurity-centric view towards a more comprehensive resilience model—one that includes physical and human factors, addresses supply chain risks, and enables meaningful modes of graceful degradation.

In parallel, the convergence of IT and OT is progressing towards near-complete integration through “Operational IT,” bringing the two worlds closer together—and, in doing so, combining and amplifying their respective security challenges.

This presentation provides an update on the evolving technical and threat landscape and its implications for both security and resilience. It examines recent attacks and the lessons they offer, and presents practical approaches while highlighting key challenges that remain unresolved.