Session Abstract:
Ransomware in plants, exposed OT gateways, compromised APIs, poisoned models, and now GenAI-driven attack chains—IoT and AIoT sit squarely on the front line of cyber-physical risk. At the same time, factories are embracing wireless on the shop floor, from private LTE for deterministic connectivity to emerging standards like DECT NR for dense sensor deployments. Every new link in the chain expands the attack surface.
This IoT Security CoE panel cuts through the noise to show how leaders are securing large-scale IoT and converged OT/IT environments for the next decade. We’ll examine the full stack—from device and software supply chain to wireless access, edge, and cloud—and discuss what is actually working in brownfield and greenfield deployments.
Topics include:
-
Moving from perimeter security to identity-first, zero-trust architectures for IoT and OT, with strong onboarding, cert/PKI at scale, and policy-driven access from sensor to cloud.
-
Building secure-by-design and secure-by-default products: SBOMs, secure boot, signed firmware, update pipelines, and vulnerability management that operations teams can live with.
-
Hardening the wireless factory floor: segmenting and monitoring private LTE and DECT NR networks, mitigating RF-borne threats, and aligning wireless security with safety and reliability requirements.
-
Monitoring, segmentation, and incident playbooks tuned for plants, grids, and fleets—across both wired and wireless domains.
-
Governing AI and GenAI at the edge, including how to protect models, data pipelines, and agents that influence physical processes.
Attendees will leave with pragmatic patterns, reference controls, and questions to take back to their own factories and field operations.
Speakers:
Oscar De Leon, IoT Solution partnership with ITS Practices (Digital Velocity, Hybrid Infrastructure, Security), CDW, has 25+ years experience in Data Networks, OT, Sensor technology, Cloud and AI. He has helped to transition BAS/OSS service organization from install to integration consulting services. He has partnerships with agricultural equipment manufacturer deployed IR system to improve crop germination. He is involved in managing and developing Strategic Partnerships for Dell IoT Business. He has created cold chain monitoring/managing/tracking solution for the two largest grocery retailers in the world. He has digitized the process of JIT (Just-In-Time) warehousing/delivery for automotive manufacturing site. He has developed a carrier grade sensor solution to monitor fracking operations via cellular Successful deployment of CO (Central Office) environmental monitoring and control system. At Honeywell he develop a building simulator on Niagara Frameworks to train the Forge Smart Building SaaS Platform rules engine.
Travis Russell has been in telecommunications more than 40 years, with experience in radio, voice and data networking. As a cyber security professional and technologist, Mr. Russell has a long career focused in telecommunications cyber security and fraud, with expertise in a number of telecom technologies.
He participates in a number of standards bodies and trade associations, including the 3GPP, GSMA, and IETF. Travis serves on several advisory councils, including the FCC Communications Security, Reliability, and Interoperability Council (CSRIC). Mr. Russell has authored several technical books, including “Signaling System #7,” “Session Initiation Protocol,” “IP Multimedia Subsystem,” and “LTE Signaling With Diameter,” all published through McGraw-Hill. His book, “Telecommunications Protocols” is still used in colleges and universities today for teaching the fundamentals of telecommunications, and is printed in four languages. Mr. Russell holds several patents focusing on cyber security and fraud solutions, and has lectured at colleges, universities, and industry events all over the world. He is currently the head of the Cybersecurity Office at Oracle Communications. LinkedIN profile is available at: https://www.linkedin.com/in/travisrussell1/
Anshuman currently serves as Director, Verizon Threat Research Advisory Service (VTRAC) | Cybersecurity Consulting, leading people and managing consulting businesses for the past 19 years. As a regional leader for the investigative response team and a global capability lead for CSIRT, I am responsible for business portfolio management for professional services, especially focused on digital forensics, incident response, and threat intelligence in the US & APJ region while working for several top global enterprises and government organizations. Anshuman has a proven track record in designing security practice portfolios/delivery approaches, managing large projects, leading people and managing consulting business as a P&L owner. He has conducted Executive Breach Simulations, Cyber Crisis Drills and Executive Cyber Resilience simulations, and has written several white papers / articles on a number of topics related to cyber security, while also serving as an active speaker in several industry events/seminars on matters related to cyber security. And has successfully led and delivered projects in Governance, Risk and Compliance, PCI DSS QSA areas, ISO 27001 implementation and readiness assessments, risk management, vulnerability assessments, penetration testing, etc. Anshuman has a B.Tech degree in Electronics & Communication Engineering from Kurukshetra University and also holds a Masters degree in Cyber Law & Security. He also holds key certifications, including SANS GCFA, GCFE, GREM, CISM, CISA, TOGAF. Anshuman has led Speaking Engagements, published articles and participated in media Interviews, which include the following: New Jersey Digital Government Summit 2025, New Jersey, USA, International Association of Financial Crimes Investigators, North Carolina, LogicOn Conference 2024, Ohio, Ticker News, Techgig, PCQuest, Dataquest, BISinfotech, SME STREET, Manufacturing Today, People Matters, CISOMAG, Telangana Today, YourStory, digital4n6, Economic Times, AIM, IN FOCUS, themachinist
Chad Humphries is a Network & Security Consultant for Rockwell Automation. He has over 20 years of experience with operational technologies used in automated manufacturing environments (OT-IACS). He specializes in strategic business planning areas such as: digital sustainability, cyber-risk-quantification (CRQ), fiduciary responsibility, regulatory compliance, reporting, privacy law, cybersecurity law, production network security standards (NIST-CSF, IEC-62443, and ISO), grant subsidy capture, and Rockwell Automation network technologies/deliverables. His core competency is helping organizations to balance cyber risk management,while maintaining course to achieve desirablebusiness outcome objectives.
