In the modern digital economy, few risks carry consequences as tangible, and as
potentially catastrophic, as cyber threats to industrial infrastructure. Power grids, oil and
gas pipelines, manufacturing plants, water systems, and transportation networks
increasingly rely on interconnected operational technology environments that were
never designed with today’s threat landscape in mind. At the center of global efforts to
secure these systems stands Robert M. Lee, Founder and Chief Executive Officer of
Dragos, Inc., and one of the most influential voices shaping the future of industrial
cybersecurity.
Lee’s work occupies a rare intersection of national security, enterprise resilience, and
critical infrastructure protection. As the founder of Dragos, an industrial cybersecurity
company focused exclusively on operational technology (OT), industrial control systems
(ICS), and the Industrial Internet of Things (IIoT), he has helped define how
governments and asset owners understand, prioritize, and respond to cyber threats that
can cause real-world physical impact.
Dragos was built on a clear and focused mission: safeguarding civilization by protecting
the systems that underpin modern society. Unlike conventional IT security firms, Dragos
operates in environments where downtime is unacceptable, safety is paramount, and
cyber incidents can escalate into public safety crises. Under Lee’s leadership, the
company has developed a platform and services portfolio designed specifically for
industrial environments, encompassing asset identification, vulnerability management,
threat detection, incident response, and continuous threat intelligence tailored to OT
systems.
Lee’s authority in this domain is grounded in deep operational experience. His career in
cybersecurity began in the U.S. Air Force, where he served as a Cyber Warfare
Operations Officer assigned to the National Security Agency. In these roles, he
participated in defense, intelligence, and offensive cyber missions across multiple
government organizations. Notably, he played a role in establishing one of the first
dedicated ICS and SCADA cyber threat intelligence and intrusion analysis missions,
work that would later influence how industrial cyber threats are tracked and understood
globally.
This early exposure to nation-state capabilities and critical infrastructure vulnerabilities
shaped Lee’s perspective on industrial cybersecurity. He has consistently emphasized
that industrial environments cannot be secured by simply adapting IT security tools.
Instead, they require domain-specific visibility, threat intelligence, and response
capabilities that respect operational constraints while addressing adversaries capable of
causing physical disruption.
At Dragos, this philosophy has translated into a tightly focused business strategy. The
Dragos Platform provides industrial asset owners with visibility into complex OT
environments, enabling identification of assets, monitoring for malicious activity, and
coordinated response without disrupting operations. Complementing the platform,
Dragos Professional Services delivers proactive and reactive capabilities, including
penetration testing, threat hunting, and incident response tailored to industrial systems.
Dragos ICS Threat Intelligence further extends this model, offering regular reporting on
adversary activity, vulnerabilities, and emerging risks specific to industrial sectors.
Lee’s leadership extends beyond company-building into policy and standards
development. He serves on World Economic Forum subcommittees focused on cyber
resilience for the oil and gas and electricity communities, two sectors whose stability is
foundational to economic and national security. He also sits on the boards of the
International Society of Automation and the National Cryptologic Foundation,
contributing to cross-industry collaboration and knowledge sharing at the highest levels.
In parallel with his private-sector role, Lee continues to serve in the U.S. Army National
Guard, where he leads operational technology cybersecurity, response, and training
efforts within the 91st Brigade. This dual role reflects his belief that industrial
cybersecurity is both a national defense issue and a shared responsibility between
public and private sectors. His work with the Guard reinforces a practical, readiness-
oriented approach, one grounded in real incidents, real infrastructure, and real
consequences.
Lee has also played a direct role in shaping public policy. He has testified before the
U.S. Senate Energy and Natural Resources Committee and the U.S. House Energy and
Commerce Subcommittee, advising lawmakers on the evolving cyber threat landscape
facing industrial and energy infrastructure. His testimony has focused on closing gaps
between policy intent and operational reality, emphasizing the need for investment,
information sharing, and realistic regulatory frameworks that reflect how industrial
systems actually operate.
Education is another defining pillar of Lee’s influence. He is the course author of SANS
ICS515, “Active Defense and Incident Response,” and the lead author of SANS
FOR578, “Cyber Threat Intelligence,” along with their associated GIAC certifications.
Through these programs, Lee has helped train thousands of security professionals,
extending his impact well beyond Dragos and contributing to the development of a
specialized workforce capable of defending industrial environments.
Publicly, Lee is known for his measured, analytical communication style. He avoids
sensationalism, instead focusing on clarity, accuracy, and actionable insight. His work
and perspectives have been featured in major publications, including coverage by The
Washington Post and Forbes, reflecting broader recognition of the importance of
industrial cybersecurity in an era of geopolitical tension and accelerating digital
transformation.
What distinguishes Lee as a cybersecurity leader is not only technical expertise, but
strategic discipline. He has consistently argued that resilience, not just prevention, must
be the core objective of industrial security programs. In environments where disruption
cannot be entirely eliminated, the ability to detect threats early, respond effectively, and
recover safely becomes paramount.
As 2025 approaches, the importance of this leadership model is only increasing.
Industrial systems are becoming more connected, adversaries more capable, and the
stakes of failure more severe. In this context, Robert M. Lee’s influence lies in his ability
to bridge intelligence, operations, policy, and enterprise execution, shaping how critical
infrastructure organizations around the world prepare for threats that extend far beyond
the digital realm.
For CIO Frontline’s Cybersecurity Leaders edition, Lee represents a defining figure in
the industrial cybersecurity landscape: a founder whose work continues to shape how
civilization’s most essential systems are defended in an increasingly contested digital
age.
