With cyber incidents on the rise in operational environments, vCISO.One has launched a new service focused on securing IoT and OT systems. The move comes as councils, utilities, and manufacturers face mounting challenges protecting smart infrastructure and legacy industrial control systems.
— As Australian councils, utilities, and manufacturers increasingly adopt connected technologies, a Brisbane-based cybersecurity consultancy is sounding the alarm on a blind spot in the nationās digital defences.
vCISO.One, a firm specialising in virtual CISO and advisory services, has launched a dedicated IoT & OT Security Services offering in response to what it calls a ācritical exposureā across industrial and smart infrastructure environments. The service is designed to help organisations assess and strengthen the security of systems such as SCADA networks, telemetry, remote sensors, and internet-connected devices that underpin physical operations.
While digital transformation continues to blur the lines between IT and OT, many of the devices now online were never built with cybersecurity in mind. Common issues include legacy systems with no encryption or authentication, vendor-managed access without logging or MFA, and outdated firmware still in active use.
āFrom smart street lighting to water treatment systems, weāre seeing critical assets connected to public networks with minimal oversight,ā said Andrew Egoroff, Principal Consultant at vCISO.One. āThe risks arenāt theoretical ā theyāre real, and in some cases, already active.ā
The new service includes comprehensive assessments of IoT and OT environments, covering asset discovery, architecture review, vulnerability identification, and protocol analysis. It also maps systems to recognised standards such as IEC 62443, NIST SP 800-82, and the ACSC OT Security Principles, aiming to align engineering and operations with broader cybersecurity governance.
A growing body of research has highlighted the fragility of industrial control systems, particularly when internet-facing components or remote access solutions are introduced without adequate security controls. Notably, many Australian councils and small utilities lack the internal resources or specialised knowledge to address these concerns.
Client feedback suggests the need is pressing. A regional water utility that participated in a pilot review reported discovering several undocumented systems with open exposure to the internet. āThis wasnāt just a gap in policy,ā the utilityās infrastructure manager noted. āIt was a real-world risk we didnāt know existed.ā
In launching the service, vCISO.One aims to provide both immediate visibility and longer-term roadmaps for strengthening resilience ā particularly in environments where uptime and safety cannot be compromised.
As cyber threats increasingly cross from digital into physical systems, the question of IoT and OT security is no longer one of future risk. For many Australian organisations, itās already a present challenge.
About vCISO.One
vCISO.One is an Australian cybersecurity consultancy founded by Andrew Egoroff. The firm specialises in delivering flexible virtual CISO services, cybersecurity program management, risk and compliance consulting, and managed security solutions tailored to small and mid-sized organisations. With decades of international experience and a practical, results-driven approach, vCISO.One helps clients strengthen their security, meet regulatory obligations, and build long-term resilience.
Learn more at www.vciso.one.
Contact Info:
Name: Andrew Egoroff
Email: Send Email
Organization: vCISO.One
Address: 29/97 Creek Street, Brisbane City, Queensland 4000, Australia
Phone: +61-1300-067-003
Website: https://vciso.one
Source: PressCable
Release ID: 89166556
If you detect any issues, problems, or errors in this press release content, kindly contact [email protected] to notify us (it is important to note that this email is the authorized channel for such matters, sending multiple emails to multiple addresses does not necessarily help expedite your request). We will respond and rectify the situation in the next 8 hours.
