Topic Hub
Securing the Systems Where Failure Is Not an Option
Mission systems are the operational technology, critical-infrastructure, and national-security environments where a security failure has physical or strategic consequence, not just financial cost. Securing them has never been primarily a perimeter problem — it requires operational discipline: knowing what is actually running before deciding how to protect it, treating identity and access as a living system rather than a one-time control, and building monitoring that produces awareness rather than alerts nobody reads.
That discipline is now extending to a new class of actor. As AI systems and autonomous workflows get embedded into operational environments, they inherit the same non-negotiable standard mission systems have always required — and add new problems mission security has not yet fully solved, including identity for non-human actors and the cyber risk of workflows that execute without a human in the loop. This hub brings together Michael's OT and mission-security writing with his newer work on securing agentic and AI-enabled systems.
Core Thesis
Visibility Before Control, Discipline Before Tools
Most security programs in operational and mission environments fail quietly, not dramatically — not because a tool was missing, but because the organization did not have an accurate picture of what it was protecting. Asset inventories understate what is actually connected. Monitoring produces volume, not awareness. Vulnerability programs designed for IT break down against industrial systems that cannot be patched on a normal cadence.
The essays in this hub argue for a consistent discipline: establish real visibility before claiming control, treat data integration and identity as security controls in their own right, and extend that same rigor to AI-enabled and autonomous systems now operating inside the same environments — because the consequence of an ungoverned AI action inside a mission system is not hypothetical.
Key Concepts
The Vocabulary of This Work
OT/IT Convergence
Operational technology and information technology are no longer separate domains with separate rules, and treating them that way leaves the gap unmanaged.
Visibility Before Control
You cannot secure, patch, or monitor what you cannot see — and most environments see less than they believe they do.
Continuous Awareness, Not Point-in-Time Monitoring
A dashboard that logs events is not the same as an organization that understands what is happening across its environment right now.
Identity for Non-Human Actors
As agents and autonomous systems act inside mission environments, they need identity, provenance, and audit evidence with the same rigor as human users.
Risk Quantification and GRC
Turning security and operational signals into business decisions boards can actually act on, rather than compliance artifacts nobody reads.
Relevant Experience
This work draws directly on leading global OT cybersecurity at Honeywell, running national cyber-analytics programs for DHS and CISA at Raytheon, and cyber and analytics delivery at Booz Allen Hamilton — extended today through Plurilock's Critical Services practice and R2 Advisory's secure AI transformation work.
Essential Reading
A Suggested Reading Sequence
Start Here
The False Promise of IT Security in OT Environments
The assumption that OT security is just IT security in a different building is not only wrong — it is dangerous. Applying IT controls to OT environments does not reduce risk. It introduces a new category of it.
Core Framework
The Visibility Gap in OT: Why You See Less Than You Think
The gap between documented assets and actual assets in industrial environments is not organizational incompetence — it is a structural feature. And threat actors are not constrained by your asset inventory.
Technical Implications
Data Integration as a Security Control
The relationship between data integration and security is usually framed in one direction. The more consequential relationship runs the other way: data integration determines what can be seen, correlated, and acted on.
Operating Implications
From Continuous Monitoring to Continuous Awareness
Data volume produces the appearance of security awareness while frequently obscuring the understanding that awareness is supposed to provide. The distinction between monitoring and awareness is the difference between having data and understanding what it is telling you.
Extending to AI
Identity Beyond Humans
Enterprise identity was built for humans, applications, and service accounts. Agents introduce ephemeral, delegated, contextual identity, and demand that every machine action tie back to an accountable principal.
Applied Perspective
The Cyber Risk of Autonomous Workflows
As workflows move from deterministic automation to autonomous action, security must govern intent, provenance, permissions, and behavior. Autonomy is not the problem. Unbounded autonomy is.
Where This Is Applied
This thinking is not theoretical — it directly informs Michael’s current work on Secure Mission Systems.
Related topic hubs: Secure AI and Agentic Governance