Beyond the Alert

Element Solutions’ Joe Albers on OT Patching Constraints That Break IT Security Models


Joe Albers, Director of Information Security Operations at Element Solutions, Inc., manages a six-person follow-the-sun security team with a counterintuitive framework: accept reduced alert coverage for 6 months while building strategic automation, then gain exponentially more capacity for threat hunting. His approach to AI rejects black-box solutions in favor of transparent contextual enrichment that surfaces device background, related tickets, IP ownership, and cross-tool correlations directly to analysts.

The OT security challenge exposes assumptions that break outside corporate IT. Joe manages environments where patching happens quarterly instead of instantly, and upgrading security tools can void warranties on multimillion-dollar control systems. His vulnerability management shifts from immediate remediation to detailed risk registers documenting why specific vulnerabilities cannot be mitigated and what compensating controls exist instead. 

 

Topics Discussed:

  • Why deliberately sacrificing short-term alert triage for strategic automation buildout creates exponentially more SOC capacity
  • How transparent AI augmentation through contextual enrichment accelerates junior analyst development without replacing human judgment
  • The leadership framework that treats analyst mistakes as team failures rather than individual performance issues, creating psychological safety
  • Why IT security's instant patching model breaks in OT environments where quarterly cycles, warranty constraints, and production disruption risks require risk registers over rapid remediation
  • How threat actors consistently exploit holiday periods when SOC staffing drops and response capacity diminishes
  • The vulnerability management shift from immediate IT patching to OT risk documentation
  • Why hiring for curiosity and basic networking knowledge produces better security analysts than extensive credentials
  • How to present security ROI by translating annual tool costs into prevented business losses
  • Why succession planning focuses on identifying analysts who actively ask why and how rather than those with the most certifications

Beyond the Alert, by Dropzone AI