About Mike
Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world’s largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries.
​
His mission is to make OT/ICS cybersecurity accessible and help those wanting to learn more. He posts regularly on LinkedIn and YouTube to help others, no matter where they live, learn more about securing OT/ICS and critical infrastructure.
Mike's Story
His Journey into Cybersecurity
Growing up in San Diego, Mike was eleven when he saw David Lightman hack NORAD in the movie Wargames, and he was hooked. Shortly after, he met his friend Chris who was a stereotypical hacker kiddie—cracking games to copy them, writing cheat codes for unlimited lives and gold, dialing in to hacker Bulletin Board Systems. While Mike was the "good kid" and never could do any of those things, he watched and was always fascinated with what he saw. He always wondered if someone like Chris, who was the nicest guy in the world, could do these things, what could someone with bad intentions do? And ever since, his main focus was not only computers or IT but understanding the risks to IT and how to protect against them.
His Journey into OT/ICS
After 20+ years in IT cybersecurity, things changed when news of the Stuxnet attack was announced. Mike felt like he was a little kid again, watching Wargames, fascinated with what he saw: This piece of malicious code that reached out and was able to have an impact on machinery in the real world and, even more interestingly, took steps to hide what was happening from the operators so no one knew what was actually happening. The operators thought all systems were operating perfectly fine while behind the scenes, their uranium centrifuges were being physically broken down.​
With Stuxnet, he started asking how the same type of attack applies to critical infrastructure like power. How does cybersecurity work in a power plant? Do we even have computers in a power plant? Surely, we must? But then again... how do we secure them?
There weren't really any resources at the time to learn from. He reached out to others to ask, including contacts in critical infrastructure, but found no one wanted to have those conversations. At first he thought they didn't want to talk with him, but eventually he realized that those environments just weren't doing anything for cybersecurity. They didn't even know what it is.
With a lack of available resources, Mike was beyond frustrated but slowly began to put the pieces together, finding others out in the community, going to work for one of the world's largest engineering companies, and learning all that he could.
His Journey into Helping Others
Knowing how frustrated he was in trying to learn about OT/ICS cybersecurity, Mike realized it should never have to be that way and no one that wants to learn should feel the same. This thought caused him to start posting content on LinkedIn about OT/ICS cybersecurity and then shortly after on YouTube where he debuted a 25+ hour course to help simplify and demystify OT/ICS cybersecurity for anyone that wanted to learn—no matter where they lived and no matter how much money they have. Mike continues to focus on helping others learn how to protect critical infrastructure and other OT/ICS environments through his content, community work and consulting services.
Community Initiatives
Mike founded BSides Greenville as well as the UpstateSC ISSA Chapter. He also developed the courses for the cyber security program at Greenville Technical College.
​
Most recently, he founded and heads BSides ICS/OT. Get your ticket for BSides ICS/OT 2026 >
Education & Certifications
Mike earned his Master of Science in Information Security Engineering (MSISE) from the SANS Technology Institute.
Read his thesis, Mode Matters: Monitoring PLCs for Detecting Potential ICS/OT Incidents >
​
Additionally, he maintains cyber security and ICS/OT certifications such as the CISSP, GRID, GICSP, GCIP, GPEN, GCIH, ISA 62443, & more.​
Appearances & Media
2025
Talks & Presentations
-
Automating the SANS ICS 5 Critical Controls (slides) (SANS ICS Security Summit 2025) (Check out the visual summary​)
-
Getting Started with ICS/OT Cyber Security by Mike Holcomb (watch) (InstMC Cyber Security Special Interest Group)
Podcasts​
-
ICS/OT Trends and the Food We Eat: A Conversation with Mike Holcomb (listen) (Bites and Bytes Podcast)
-
Mike Holcomb on Starting and Succeeding in OT Cybersecurity (listen) (Nexus: A Claroty Podcast)
-
Interview with Mike Holcomb (listen) (Covert Access Team)
-
The Tough Dance of ICS/OT Security alongside Mike Holcomb (watch) (CISO Chair)
-
Securing OT Systems, Best Practices and Strategies - Mike Holcomb, Industrial Cybersecurity Expert (watch) (Internet of Things equation)
-
Is PLC Remote Mode Secure? Mike Holcomb Breaks It Down (watch) (ICS Arabia Podcast)
-
Behind ICS / OT security with Mike Holcomb (watch) (The Cyber Corner with Mohamed Hamdi Ouardi)
-
Hacktivists, Nation-States & OT Security Fundamentals | Mike Holcomb (watch) (OT Office Hours)
-
Mike Holcomb - OT Security & Jaguar Land Rover Incident (watch) (The Keyboard Samurai Podcast)
Other​
-
"Urgent need for resilient industrial cybersecurity professionals to defend ICS/OT systems from rising cyber attacks" (read) (by Anna Ribeiro)
​
2024
​​Talks & Presentations
-
Using ChatGPT to Write ICS/OT Defensive and Offensive Tools (slides) (SANS ICS Security Summit 2024) (Check out the visual summary)
-
Countdown to Industrial Extinction by Mike Holcomb (watch) (OTSecurityProTechTalk)
-
Getting Started in ICS/OT Cybersecurity & Trashy Reality TV (watch) (PancakesCon 5)
Podcasts
-
Building a Bridge Across the Divide: The Intersection of IT and OT Cybersecurity with Mike Holcomb (listen) (IOT Security Podcast by Phosphorous Cybersecurity)
-
ICS/OT Cybersecurity: Events, Networking, and Industry Discussions with Mike Holcomb (listen) (PrOTect It All)
-
How to Get Into Control Systems Security (listen) (The Exploring Information Security Podcast)
-
Making the Move into OT Security (listen) (Waterfall Podcast)
-
Global Cybersecurity Insights with Mike Holcomb (watch) (CS²AI Podcast Show)
​
2023
Podcasts
-
Michael Holcomb: The Journey from IT to OT and Strengthening IT-OT Partnership (listen) (The Protect OT Cybersecurity Podcast)
​
2021
Talks & Presentations
At SANS ICS Summit, SANS invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of presentations. Check out what they made for Mike.
