In the modern digital economy, few risks carry consequences as tangible, and as potentially catastrophic, as cyber threats to industrial infrastructure. Power grids, oil and gas pipelines, manufacturing plants, water systems, and transportation networks increasingly rely on interconnected operational technology environments that were never designed with today’s threat landscape in mind. At the center of global efforts to secure these systems stands Robert M. Lee, Founder and Chief Executive Officer of Dragos, Inc., and one of the most influential voices shaping the future of industrial cybersecurity.
Lee’s work occupies a rare intersection of national security, enterprise resilience, and critical infrastructure protection. As the founder of Dragos, an industrial cybersecurity company focused exclusively on operational technology (OT), industrial control systems (ICS), and the Industrial Internet of Things (IIoT), he has helped define how governments and asset owners understand, prioritize, and respond to cyber threats that can cause real-world physical impact.
Dragos was built on a clear and focused mission: safeguarding civilization by protecting the systems that underpin modern society. Unlike conventional IT security firms, Dragos operates in environments where downtime is unacceptable, safety is paramount, and cyber incidents can escalate into public safety crises. Under Lee’s leadership, the company has developed a platform and services portfolio designed specifically for industrial environments, encompassing asset identification, vulnerability management, threat detection, incident response, and continuous threat intelligence tailored to OT systems.
Lee’s authority in this domain is grounded in deep operational experience. His career in cybersecurity began in the U.S. Air Force, where he served as a Cyber Warfare Operations Officer assigned to the National Security Agency. In these roles, he participated in defense, intelligence, and offensive cyber missions across multiple government organizations. Notably, he played a role in establishing one of the first dedicated ICS and SCADA cyber threat intelligence and intrusion analysis missions, work that would later influence how industrial cyber threats are tracked and understood globally.
This early exposure to nation-state capabilities and critical infrastructure vulnerabilities shaped Lee’s perspective on industrial cybersecurity. He has consistently emphasized that industrial environments cannot be secured by simply adapting IT security tools. Instead, they require domain-specific visibility, threat intelligence, and response capabilities that respect operational constraints while addressing adversaries capable of causing physical disruption.
At Dragos, this philosophy has translated into a tightly focused business strategy. The Dragos Platform provides industrial asset owners with visibility into complex OT environments, enabling identification of assets, monitoring for malicious activity, and coordinated response without disrupting operations. Complementing the platform, Dragos Professional Services delivers proactive and reactive capabilities, including penetration testing, threat hunting, and incident response tailored to industrial systems. Dragos ICS Threat Intelligence further extends this model, offering regular reporting on adversary activity, vulnerabilities, and emerging risks specific to industrial sectors.
Lee’s leadership extends beyond company-building into policy and standards development. He serves on World Economic Forum subcommittees focused on cyber resilience for the oil and gas and electricity communities, two sectors whose stability is foundational to economic and national security. He also sits on the boards of the International Society of Automation and the National Cryptologic Foundation, contributing to cross-industry collaboration and knowledge sharing at the highest levels.
In parallel with his private-sector role, Lee continues to serve in the U.S. Army National Guard, where he leads operational technology cybersecurity, response, and training efforts within the 91st Brigade. This dual role reflects his belief that industrial cybersecurity is both a national defense issue and a shared responsibility between public and private sectors. His work with the Guard reinforces a practical, readiness-oriented approach, one grounded in real incidents, real infrastructure, and real consequences.
Lee has also played a direct role in shaping public policy. He has testified before the U.S. Senate Energy and Natural Resources Committee and the U.S. House Energy and Commerce Subcommittee, advising lawmakers on the evolving cyber threat landscape facing industrial and energy infrastructure. His testimony has focused on closing gaps between policy intent and operational reality, emphasizing the need for investment, information sharing, and realistic regulatory frameworks that reflect how industrial systems actually operate.
Education is another defining pillar of Lee’s influence. He is the course author of SANS ICS515, “Active Defense and Incident Response,” and the lead author of SANS FOR578, “Cyber Threat Intelligence,” along with their associated GIAC certifications. Through these programs, Lee has helped train thousands of security professionals, extending his impact well beyond Dragos and contributing to the development of a specialized workforce capable of defending industrial environments.
Publicly, Lee is known for his measured, analytical communication style. He avoids sensationalism, instead focusing on clarity, accuracy, and actionable insight. His work and perspectives have been featured in major publications, including coverage by The Washington Post and Forbes, reflecting broader recognition of the importance of industrial cybersecurity in an era of geopolitical tension and accelerating digital transformation.
What distinguishes Lee as a cybersecurity leader is not only technical expertise, but strategic discipline. He has consistently argued that resilience, not just prevention, must be the core objective of industrial security programs. In environments where disruption cannot be entirely eliminated, the ability to detect threats early, respond effectively, and recover safely becomes paramount.
As 2025 approaches, the importance of this leadership model is only increasing. Industrial systems are becoming more connected, adversaries more capable, and the stakes of failure more severe. In this context, Robert M. Lee’s influence lies in his ability to bridge intelligence, operations, policy, and enterprise execution, shaping how critical infrastructure organizations around the world prepare for threats that extend far beyond the digital realm.
For CIO Frontline’s Cybersecurity Leaders edition, Lee represents a defining figure in the industrial cybersecurity landscape: a founder whose work continues to shape how civilization’s most essential systems are defended in an increasingly contested digital age.
