The best OT security leaders I know do not have \”Head of\” in their title. They have technicians who trust them, operators who call them before they call the vendor, and a plant manager who actually reads their report. Here is what that kind of leadership looks like.

The best OT cybersecurity leaders I know do not have “Head of” in their title. They have something harder to earn and harder to put on a business card: the trust of the people on the plant floor.

Titles are given. Leadership is earned. In OT cybersecurity, where you are asking engineers who have run a plant safely for 20 years to accept a new category of risk, leadership matters more than almost any other domain of security.

What real OT security leadership looks like

1. The operators call you before they call the vendor

When something weird happens on the HMI (an unusual alarm, a communication glitch, a file that should not be there), the operator’s instinct is to call you, not the automation vendor, not the IT helpdesk. Not because you are in the runbook. Because they trust you to understand the problem and not blame them.

You earn this by showing up. Walking the floor. Sitting in the control room during a turnaround. Buying coffee for the morning shift. These are not security activities. They are leadership activities, and they compound.

2. The plant manager actually reads your report

A 40-page report with a heat map and a risk matrix will sit on the plant manager’s desk for a week and then end up in a binder. A one-page summary that tells them what the top three risks are, what they cost, and what you are doing about them: that one gets read, and acted on.

Real leadership writes for the reader, not for the file.

3. Your engineers argue with you

If your team never pushes back on your decisions, they do not feel safe doing so, which means you do not know when you are wrong. A good OT security team has loud meetings and quiet hallways. A bad one has quiet meetings and loud hallways.

Invite disagreement. Reward the person who tells you the plan will not work. Change your plan.

4. You say “I don’t know”

OT environments are specific. Every plant is different. Every process is different. Anyone who walks into your plant and claims to know everything is either lying or not listening.

The leaders who last are the ones who say, often, “I don’t know. Let’s ask the chemical engineer / the PLC programmer / the shift supervisor.” Admitting uncertainty is not weakness. It is the only honest response to genuine complexity, and it models behaviour your team will copy.

5. You translate

Most OT security work is translation. IT security speaks in confidentiality and data. Operations speaks in uptime and tonnes. Safety speaks in HAZOP and LOPA. Finance speaks in dollars and CapEx.

A leader in OT security can speak all of these, fluently, and translate between them without losing the meaning. When the CFO understands why an OT incident is a business continuity problem, and the plant manager understands why MFA on the engineering workstation is a safety improvement, you have led.

What real leadership is not

• Not the person with the most certifications. (The best leaders I know have fewer than their juniors.)
• Not the loudest in the meeting. (Usually the quietest, who listens first.)
• Not the one who quotes standards. (Usually the one who explains standards in plain language.)
• Not the one who owns the biggest budget. (Usually the one who is good at justifying a smaller one.)

A short test

If you left your organisation tomorrow, what would stay?

• The tools you procured? Someone else will maintain them.
• The policies you wrote? They live in a SharePoint folder.
• The reports you filed? They sit in binders.
• The relationships you built, the vocabulary you taught, the standards of professionalism you modelled, the trust between IT and OT teams you brokered: that stays. That is leadership.

Build that. The title will find you.

RelyBlue is built on the belief that OT security is ultimately a human problem: leadership, culture, translation. Join us if that is the kind of work you want to do.