Cyber security and Critical Infrastructure: Are We Prepared for the Worst?

Cyber security and Critical Infrastructure: Are We Prepared for the Worst?

In this episode of Razorwire, I had the pleasure of speaking with Phil Tonkin from Dragos about securing critical infrastructure. Phil and I delved into the definition of critical infrastructure, the fragility of supply chains and the importance of preparing for potential attacks. We also talked about the Colonial Pipeline incident and the inextricable link between IT and OT in critical infrastructure.

Phil tells us how we should be advancing the development of defensive capabilities and safeguard civilisation as well as how to overcome the many challenges of managing risks and compliance, the changing perception of IT and cyber security within organisations and how to deal with the increasing sophistication of cyber attacks.

Overall, it was a fascinating discussion that shed light on the critical importance of securing our infrastructure in the most suitable way given the challenges we are facing. I hope you enjoy listening to this episode of Razorwire as much as I enjoyed recording it.

"Don't just chase the newest and sexiest technology. Focus on actual risks and develop capabilities that can manage those risks."
Phil Tonkin

Listen to this episode on your favourite podcasting platform:

In this episode, we covered the following topics:
The evolution of critical infrastructure and how we can advance our defensive capabilities
How the Colonial Pipeline incident changed the perception of critical infrastructure security, and how to prepare for future attacks
The decision-making processes of critical infrastructure companies during a cyber attack
The factors that increase the likelihood of an attack, according to Dragos’ latest research
The reduction of surplus reserves and the need for governments to identify what to subsidise to increase resilience
What are the key concerns Dragos are seeing from customers in critical infrastructure and what do these organisations need to be mindful of
The problems with securing an organisation simply to meet minimum compliance standards
Cyber security budget limitations vs high expectations

Phil Tonkin
Phil is the Senior Director of Strategy at Dragos and has worked in the power industry for over 20 years. In the last five years, Phil has led the cyber security efforts for operational technology in the UK and US, with experience in securing systems in electricity and gas control centres, communication networks and operational sites.

Other episodes you'll enjoy

Data Protection and Ethical Standards in Cyber Security

A Snapshot in Time: Why Penetration Testing Is Critical for Cyber Security

Connect with your host James Rees

Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us or if you have any questions you would like us to discuss email

If you need consultation, visit, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.

Linkedin: Razorthorn Security

Youtube: Razorthorn Security

Twitter: @RazorThornLTD