.png)
Intellibuild’s Playbook for Transitioning from Passive Discovery to Active OT Risk Management
In this presentation from NexusCon 2025, Connor Gray, Senior Strategic Consultant at Intellibuild, explains how to move beyond basic device discovery into a mature, governed cybersecurity program. Addressing the friction between IT’s need for control and FM’s focus on uptime, Gray details the processes required to scan networks and assess digital maturity without disrupting critical building operations. The session explores the shift from a "Wild West" vendor environment to a structured posture where asset owners and occupiers can prioritize remediation over constant fire drills. Gray highlights how targeted assessments create a neutral ground for stakeholders to manage long-term portfolio risk and protect day-to-day business continuity.
Viewers will learn the critical differences between passive 24/7 monitoring and active queries that extract deeper asset attributes like firmware versions and serial numbers. Gray shares insights on why generic IT scanning tools often knock down lightweight OT controllers and how a targeted, building-protocol-aware approach prevents these operational nightmares. The recording reveals how to integrate disparate data from CMMS and BMS systems to build a single, defensible source of truth for every physical device on the network. For any OT leader looking to scale a cybersecurity program, this presentation provides a roadmap for shifting from reactive patching to a proactive, risk-based governance model.
Watch the full recording inside Nexus Pro →
In this presentation from NexusCon 2025, Connor Gray, Senior Strategic Consultant at Intellibuild, explains how to move beyond basic device discovery into a mature, governed cybersecurity program. Addressing the friction between IT’s need for control and FM’s focus on uptime, Gray details the processes required to scan networks and assess digital maturity without disrupting critical building operations. The session explores the shift from a "Wild West" vendor environment to a structured posture where asset owners and occupiers can prioritize remediation over constant fire drills. Gray highlights how targeted assessments create a neutral ground for stakeholders to manage long-term portfolio risk and protect day-to-day business continuity.
Viewers will learn the critical differences between passive 24/7 monitoring and active queries that extract deeper asset attributes like firmware versions and serial numbers. Gray shares insights on why generic IT scanning tools often knock down lightweight OT controllers and how a targeted, building-protocol-aware approach prevents these operational nightmares. The recording reveals how to integrate disparate data from CMMS and BMS systems to build a single, defensible source of truth for every physical device on the network. For any OT leader looking to scale a cybersecurity program, this presentation provides a roadmap for shifting from reactive patching to a proactive, risk-based governance model.
Watch the full recording inside Nexus Pro →
This is a great piece!
I agree.