Fortinet has appointed Michael Murphy as head of operational technology and critical infrastructure for Australia.

Murphy's role will focus on assisting organisations to build cyber resilience for operational technology (OT) and helping them understand how to achieve strong outcomes for OT security.

According to the company, this will include demystifying and clarifying the different requirements of the OT and IT environments, reducing the friction points, and finding mutually beneficial objectives, solutions, and incident responses, in organisations' cybersecurity landscapes.

This newly created role has an important part to play as critical infrastructure (CI) organisations continue to face increased threats from malicious actors, Fortinet states.

The Australian government introduced the Security Legislation Amendment (Critical Infrastructure) Act 2021, which came into effect in December 2021. Further amendments are likely.

Initially two separate bills, the Critical Infrastructure Act includes three key aspects: registration of critical assets; reporting of compromised assets; and systems of national significance.

As such, CI organisations must conduct vulnerability assessments against these assets, apply automatic shutdown (ASD) sensors to monitor and protect assets, and conduct incident response plans and scenario testing.

The new Act covers 11 sectors and more organisations than before, creating an increased need for targeted cybersecurity within these organisations, Fortinet states.

Murphy has held roles as a cybersecurity practitioner and has built OT incident response teams in organisations including Hewlett Packard Enterprise in APAC and NTT Ltd. in Australia, New Zealand, Hong Kong, and Singapore.

He then returned to Australia, taking on a senior sales engineer role at McAfee Enterprise, followed by a solutions architect role at Trellix before joining Fortinet in May 2022.

Fortinet regional director Australia, New Zealand and the Pacific Islands, Jon McGettigan, comments, “Cyber attacks are affecting CI operators at increasing rates and the threats come from a myriad of sources. This is a highly complex issue made even more challenging by the fact that traditional IT security methods and approaches simply don't work for OT in a CI environment.

"Fortinet has created the role of head of operational technology and critical infrastructure in response to the changing legislative environment and threat landscape coupled with significant and rapid growth in this area at Fortinet. The aim is to help CI operators create genuine and lasting cyber resilience in the face of escalating cyber attacks."

He says, “Fortinet is thrilled to have Michael Murphy in this role. He brings a wealth of experience in responding to cyber incidents in critical OT environments and understands clearly how to help CI operators drive their security agenda forward, which will complement Fortinet's position as a leader in securing OT environments.

Fortinet head of operational technology and critical infrastructure Australia Michael Murphy says, “The Critical Infrastructure Act has changed the landscape for many organisations so it's important to help those organisations understand what's required and how to address the requirements effectively.

"It's essential to proactively identify and address the friction points between corporate IT objectives and OT objectives, then map out an approach to achieve mutually beneficial outcomes in the cybersecurity landscape.

“Fortinet brings a unique perspective to this challenge, which is what excited me about taking on this new role. I look forward to offering my strong outcome-based approach complemented by real-world, technical-backed experience and exposure to its customers in Australia.

"This combination is ideal for OT and CI organisations facing a sophisticated new world of threats with diverse motivations. I'm thrilled to be part of the Fortinet team and look forward to helping to drive real progress in cyber resilience.