Podcast: The PrOTect OT Cybersecurity Podcast
Episode: Michael Welch: Tying Resilience, Availability, Compliance and Cybersecurity Together Into a GRC Program
Pub date: 2023-05-25



About Michael Welch: Michael Welch is the Director, GRCaaS within the T&D Governance, Risk, Cybersecurity & Compliance group at Burns & McDonnell. He has over 25 years of professional experience in risk management, compliance, and critical infrastructure. Michael previously served as global chief information security officer for OSI Group, a privately owned food processing holding company operating throughout 17 countries. In addition, he has worked with Duke Energy Corp and Florida Power & Light, among other companies.


In this episode, Aaron and Michael Welch discuss:

Integrating compliance, cybersecurity posture, and risk management in governance

Enhancing cybersecurity through asset inventory and collaborative communication for critical infrastructure protection

Managing cross-industry compliance for resilient risk management in operational technology (OT) environments

The importance of experience and knowledge in implementing large-scale programs and compliance for effective cybersecurity


Key Takeaways:

To effectively manage risk and ensure the resilience and availability of critical systems, compliance and cybersecurity need to collaborate within a comprehensive governance, risk, and compliance program, fostering teamwork among engineers, cybersecurity experts, and OEM vendors, especially in complex and retrofitting environments.

Building a strong rapport and fostering open dialogue between cybersecurity experts and operational personnel is crucial for safeguarding critical infrastructure, maintaining operational dependability, and harmonizing cybersecurity initiatives with business goals and operational needs.

It is crucial to promote a strong culture of safety and prioritize cybersecurity in operational technology (OT) environments in order to protect lives and infrastructure and ensure the smooth continuation of business, while effectively managing compliance through collaboration and effective leadership within the organization.

Experienced professionals and organizations with knowledge in program implementations, compliance, audits, and regional variations can effectively manage risks, maintain compliance, and address cybersecurity challenges proactively to add value and stay ahead of evolving threats.


"We do have to adapt to technologies continuously changing. We've talked about it a little earlier that years ago, everything was manual. When technology came in, it's now more automatic. Business wants information, wants data. So that's never going to change, right? So we always have to make sure we're staying continuous. We're continually improving the way we do things." — Michael Welch

 


Connect with Michael Welch: 

Email: [email protected] 

Website: https://www.burnsmcd.com/ 

LinkedIn: https://www.linkedin.com/in/michael-welch-93375a4/ 


Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow


Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120


Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.



The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
