SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
International Women’s Day
385 opinions Read now

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Ian henderson
#
Ransomware
#
IoT Security
#
Cartech

e2e-assure hires Ian Henderson to bolster OT security

Tue, 3rd Mar 2026
Author image
By Sofiah Nichole Salivio, News Editor

e2e-assure has appointed former BP executive Ian Henderson as OT Security Advisor as it expands its work with operators of industrial and critical national infrastructure systems.

Henderson joins from BP, where he spent more than 20 years focused on operational technology (OT) security. He built and led BP's OT security function and advised senior executives on cyber risk, resilience and safety.

The appointment comes as security teams in manufacturing and utilities face ransomware risk, geopolitical instability and tighter regulatory expectations. Recent incidents at firms such as Jaguar Land Rover and Southern Water have highlighted the potential for disruption when attackers target operational systems.

Focus on OT

e2e-assure describes the role as part of a broader push into OT security services. It has invested in its OT portfolio and added 24/7 unified IT and OT detection and monitoring.

Operational technology covers the systems that run physical processes in sectors such as energy, water, transport and manufacturing. These environments often include industrial control systems and equipment with long life cycles. Many sites also face limits on downtime and patching, which can complicate security work.

In the advisory role, Henderson will work with organisations in critical national infrastructure, industrial settings and regulated sectors, providing guidance for operators at different stages of security maturity.

His work will include advice on balancing safety, availability and security in live environments, as well as addressing IT and OT convergence. Many organisations are connecting industrial systems more closely to corporate networks and cloud services. That can increase efficiency, but it also expands the attack surface and introduces new dependencies.

Regulatory pressure

Policy change is another driver, with e2e-assure citing the proposed Cyber Security Resilience Bill as part of a wider set of rules OT operators will need to interpret and apply.

The bill would apply to organisations deemed "critical" where failure could disrupt essential services, a category that can include many operators of critical national infrastructure.

Compliance work in OT settings often requires asset inventory, risk assessment and documented controls that match operational realities, along with evidence for regulators and auditors. For operators with complex supply chains and mixed legacy systems, this can become an organisational challenge as much as a technical one.

e2e-assure also highlighted Henderson's involvement with professional standards. It said he has helped develop industry standards for GIAC's Global Industrial Cyber Security Professional and served on a steering group that advises on the creation and updating of security qualifications for the industrial control community.

Company context

e2e-assure describes itself as a SOC-as-a-service provider that has worked with government and critical national infrastructure organisations for more than a decade. Its security operations centre is UK-based and operates 24/7/365.

Its SaaS SOC platform, CUMULO, integrates with customers' existing security tools. e2e-assure positions this as an alternative to providers that tie services to a specific technology stack, and also points to UK data sovereignty.

Henderson said the role reflects demand for specialist OT expertise in security operations and risk management.

"e2e-assure is pioneering OT specialisation just as the market really needs those specific skills and experience," said Ian Henderson, OT Security Advisor, e2e-assure.
"OT environments need expert support to manage their IT/OT convergence and to meet increasingly complex legislation. It's not feasible for every organisation to build out a full security operations centre, so being able to help organisations scale their security operations so they can operate at the same level as a highly mature enterprise is a key value I see e2e-assure providing. I'm looking forward to providing more credible, outcome-focused OT security guidance and contributing to service design and assurance models that reflect how industrial environments actually function. The aim is to enable customers to move from reactive security to resilient, risk-informed operations," said Henderson.

Chief Executive Officer Rob Demain linked the hire to rising exposure across sectors that rely on operational systems.

"OT systems are now woefully exposed across numerous sectors, so it's imperative that these organisations take swift and immediate action to address the burgeoning threat of attack. Ian's IT and OT expertise will prove invaluable in helping our customers to identify areas of risk and put in place policies and technical controls that provide clear, business-relevant outcomes for CEOs, boards, and regulators," said Rob Demain, Chief Executive Officer, e2e-assure.

Henderson will contribute to service design and assurance models aligned with industrial operating conditions as e2e-assure expands its OT security offering for organisations facing increased threat activity and evolving regulation.

Related stories
Terra Security gains first AWS nod for AI threat tests
Misconfigured Microsoft 365 leaves big firms exposed
Dell email mixes payment-style header with promos
Private equity warned over fragile AI foundations
Droplet warns UK that identity-based cyber defences fail

Top stories

Sama credential leaks raise fears over Meta glasses data
Hexnode debuts device-aware IdP to fuse identity & UEM
Tufin unveils AI assistants & executive security hub
Endor Labs launches AURI to secure AI-driven coding
ShinyHunters claims Woflow breach in supply chain hack