CATCH hosted their Cyber Security (OT) Network on 5^th March.  Adam Chapman from Tronox chairs the group and welcomed over 30 delegates to the meeting and introductions were made.

The agenda was reviewed and the group Terms of Reference was approved.

The first speaker was Mark ‘Magpie’ Graham from Dragos who gave a presentation on 2025 OT/ICS Cybersecurity Briefing.  Magpie highlighted that the current geopolitical climate is driving increased concern for cybersecurity in industrial environments.  Magpie explored the range and complexity of threats including tracking of 24 named threat groups and over 30 hacktivist groups claiming OT impacts.

Magpie detailed several recent attacks including malware multistage attacks such as FUXNET & FrostyGoop.  The convergence of hacktivism and state-sponsored threats was mapped and discussed.  New threat groups were reviewed including GRAPHITE.  The recommendation was shared to initiate proactive threat hunts to identify unauthorised SSH and PPTP communications.  Tactics, tools and procedures were discussed.  Magpie concluded with advice on the 5 ICS cybersecurity critical controls.  Magpie took questions.

After a break, Lambda and Tronox gave a joint presentation.  Adam, Tony and Sherol gave a detailed input with some content restricted on sharing afterwards.  Adam outlined the objectives and design targets to develop a high level design document.  Tony described how to map out the cybersecurity lifecycle of an OT site.  Sherol described how to secure senior stakeholder buy in to be clear about the project and what input was needed.  A workshop kicked off the programme to identify who would be included and developed a collaborative approach.  This required coordination across countries and time zones.  Tony & Sherol described some of the project challenges and solutions, for example procurement, transport and logistics and third-party vendors.  A Q&A session followed the presentation.

The group discussed the next 5 day training opportunity with ISA at CATCH in late April.  Places are still available to book.

The next meeting will be held on 11 June, for more information about this and other CATCH networks please contact katie.hedges@catchuk.org