Cybersecurity conversations in telecoms often focus on IT systems, cloud platforms and enterprise networks. Yet beyond the data centres and mobile cores lies another domain that is arguably even more critical to society. Industrial Control Systems (ICS) and Operational Technology (OT) environments underpin the power plants, water treatment facilities, railways, petrochemical sites and manufacturing plants that keep daily life running. These environments are increasingly in the crosshairs of cyber attackers.
A comprehensive YouTube course titled OSINT for ICS and OT brings much needed attention to this area. Created by Mike Holcomb, the 10 plus hour course explores how Open Source Intelligence (OSINT) can be used to better understand, assess and protect ICS and OT environments. For anyone working in telecoms infrastructure, utilities, transport or industrial sectors, this is highly relevant material.
Mike focuses on the practical reality that there are still relatively few accessible and high quality resources dedicated to OT and ICS cybersecurity. While IT security has matured with abundant training paths, certifications and community support, the world of control systems security remains comparatively underserved. That gap is particularly concerning given the importance of critical infrastructure to national resilience and economic stability.
Nice picture explaining the convergence of IT & OT - "While IT focuses on data and business processes, OT is dedicated to the control and monitoring of physical operations... Convergence of IT/OT generally means that the OT network is now accessible from the outside world via..." pic.twitter.com/i9RrWrr1hb
— Private Networks (@PrivNetTech) May 5, 2025
In his channel overview, Mike explains that his work is aimed at a broad audience. It includes IT cybersecurity professionals looking to pivot into OT security, engineers already working in industrial environments who want to strengthen their defensive posture, and owners or operators who are building or refining a cybersecurity programme for their facilities. This inclusive approach reflects the multidisciplinary nature of OT security, where engineering, networking and cybersecurity disciplines intersect.
The turning point for many in this field was the discovery of Stuxnet, the first widely known cyber weapon designed to disrupt industrial processes. The malware specifically targeted centrifuges in a uranium enrichment facility, manipulating physical processes while masking its actions from operators. For Mike, learning about Stuxnet sparked a deeper curiosity about how control systems function inside power plants and other facilities, and how they can be secured. That same question remains highly relevant today.
For readers of The 3G4G Blog, there is a natural connection. As telecom networks evolve towards 5G, private networks and future 6G systems, connectivity is extending deeper into industrial domains. Smart grids, connected factories and digitalised transport systems rely on robust communications as well as secure control environments. The boundary between IT and OT continues to blur. Understanding how adversaries might gather intelligence about exposed assets, misconfigurations or vulnerable systems using open sources is therefore a critical skill.
The OSINT for ICS and OT course aims to demystify that process. It looks at how publicly available information can reveal insights about industrial environments and how defenders can use the same techniques proactively. Rather than waiting for an incident, organisations can identify potential weaknesses and exposure before an attacker does. This proactive mindset aligns closely with modern security best practice across both telecom and industrial sectors.
Another important aspect is accessibility. The course is freely available on YouTube, lowering the barrier to entry for those who may be curious about OT security but unsure where to start. In a domain where specialist training can be expensive and difficult to find, open educational content plays a valuable role in building community knowledge and capability.
Critical infrastructure protection is not a niche concern. It affects the electricity that powers base stations, the water that cools data centres and the transport systems that support supply chains. As cyber threats continue to evolve, the need for professionals who understand both networking and industrial control environments will only grow.
For those interested in expanding their horizons beyond traditional telecom security and into the protection of the systems that underpin modern society, this course is well worth exploring. It is encouraging to see experienced practitioners sharing knowledge openly and helping to strengthen resilience across critical infrastructure sectors.
Related Posts:
- The 3G4G Blog: Telecom Security Realities from 2025 and Lessons for 2026
- Private Networks Technology Blog - IT and OT Convergence: Opportunities and Security Risks for Private Networks
- The 3G4G Blog: 3GPP Release 18 Signal level Enhanced Network Selection (SENSE) for Smarter Network Selection in Stationary IoT
- Private Networks Technology Blog: Understanding the Realities of OT Cybersecurity
- The 3G4G Blog: Key enablers for mass IoT adoption
