The Operational Technology Middle East Community (OTMEC) has officially launched as a regional initiative dedicated to enhancing ICS/OT cybersecurity across the Middle East and North Africa. The co-founders of the initiative include Reem Faraj AlShammari, Bryson Bort, Thomas VanNorman, Saltanat Mashirova, and Michael Hoffman. The advisory board includes Robert M. Lee and Tim Conway.
OTMEC aims to foster vendor-neutral knowledge sharing, build and support the OT security workforce, and drive collaboration, innovation, and the protection of critical infrastructure. The community provides a platform for ICS and OT cybersecurity professionals in the region to exchange insights and best practices. It seeks to strengthen workforce training, encourage collaboration and innovation within the industry, and advocate for greater public awareness and robust cybersecurity policies related to critical infrastructure.
The leadership detailed to Industrial Cyber that, before OTMEC, the region faced clear gaps, including siloed knowledge-sharing among asset owners, vendors, and national bodies. There was no region-wide, vendor-neutral OT/ICS-focused community. The OT workforce lacked mentorship pathways and structured development. Critical infrastructure sectors worked independently instead of exchanging lessons learned. Digital transformation and modernization were accelerating faster than security maturity.
With backing from the co-founders, ICS Village, and Women in CyberSecurity Middle East (WiCSME), communities renowned for hands-on education, empowerment, and global collaboration, OTMEC positions the Middle East as a key driver of industrial cybersecurity excellence.
They added, “Our long-term mandate extends beyond geography. Inspired by WiCSME’s global growth, OTMEC is building a five-year blueprint for how an OT community should operate globally, creating opportunity, shaping best practices, and raising awareness around the world.”
The executives identified that the Middle East faces a unique combination of industrial intensity, rapid digital transformation, and elevated geopolitical threats, making OT and ICS cybersecurity especially critical.
OTMEC focuses on the core challenges that consistently emerge across the region. These typically include legacy, heterogeneous industrial systems that are difficult to patch, monitor, or secure consistently across large-scale operations. Rapid IT/OT convergence and IIoT expansion, which widen the attack surface and introduce new cyber-physical risks. Shortage of OT-experienced cyber professionals, leading to gaps in incident response, architecture design, and risk management.
It also covers siloed approaches among operators, vendors, and regulators, limiting the region’s ability to respond cohesively to sophisticated threats. Lack of structured mentorship and community-driven knowledge transfer, especially for early-career professionals, and uneven awareness at executive and policy levels, meaning OT risks are not always treated with the urgency they require.
“While not the core driver of today’s challenges, the region’s increasing adoption of AI-enabled monitoring, predictive maintenance, and digital twins introduces additional considerations around data integrity, system trust boundaries, and operational validation,” the leadership added. “OTMEC incorporates these developments into its dialogues and workforce initiatives to ensure organizations are future-ready. By aligning practitioners and decision-makers around shared challenges and solutions, OTMEC aims to elevate regional OT readiness, strengthen competency, and enhance industrial resilience across the Middle East.”
OTMEC is intentionally designed as a collaboration engine that aligns the region’s entire OT ecosystem. This includes a vendor-neutral membership model open to practitioners, operators, vendors, regulators, and academia; technical workshops, training, and hands-on events, supported by ICS Village; partnerships with regional cybersecurity conferences, including the initiative’s launch at BlackHat MEA; and online collaboration channels enabling continuous discussion and cross-border knowledge exchange.
It also covers mentorship programs, inspired by WiCSME’s model, to grow the next generation of OT security professionals; working groups and advisory oversight to develop practical, community-driven guidance; and constructive engagement with national cyber authorities to help shape policies grounded in operational reality.
When it comes to measuring impact, the leadership pointed to community growth and diversity across sectors, disciplines, and countries; participation and outcomes from events, workshops, and training activities; workforce development metrics, including certifications, career progress, and mentorship results; and adoption of community-generated best practices within member organizations. It also includes engagement from regulators and national authorities, and feedback from operators demonstrating improved preparedness, visibility, and resilience.
“Ultimately, OTMEC’s success will be measured by whether our community strengthens industrial resilience, reduces operational risk, and advances regional and global standards for OT security,” the leadership added. “We want to evolve from a regional hub into a globally connected OT community shaping the future of industrial cybersecurity worldwide.”