I'm an OT security guy from rural Alabama. Twenty years in industry — mining, oil and gas, manufacturing, both process and discrete. Forty of fifty US states, most of Canada, and adjacent work across Southeast Asia, Central America, Australia, Europe, and Africa.
I design and defend the control systems behind the things that cannot fail. The plant comes first. Availability, integrity, confidentiality — in that order — with safety underneath all of it.
Sovereignty isn't something somebody gives you. It's something you build. It means owning the infrastructure, training your own engineers, writing your own code, and being able to audit what's running on your networks.
If you can't do it, you don't own it. And if you don't own it, it's not sovereign.
That principle scales. Digital sovereignty at the national level and operational technology independence at the plant level are the same problem at different scales. Who owns the stack? Who can see the traffic? Who do the devices call home to? Who can alter the firmware?
And underneath all of that, the substrate distinction. Control systems act on physics, not on information. The plant's substrate is governed by safety, reliability, and performance — in that order. The information layer that watches it lives under confidentiality, integrity, availability. Two governance models, one architecture. The fractal doesn't collapse at the top: same unit at every level, only scope changes.
It's not a policy problem. It's an engineering problem. That's where I work.
I do industrial security consulting. The form that takes, most typically: I work with customers in their brownfield environments to come up with a security plan that works for the operating environment as it sits. The customers right now are mostly discrete manufacturing and a few automotive. Some food and bev. A little chem and pharma. Oil and gas and mining when the geography calls for it. IEC 62443 underpins everything I do.
Chief Strategy Officer · River Risk Partners
Industrial loss prevention · nuclear, energy, critical infrastructure
Strategy and architecture for operators with high-consequence assets and zero tolerance for downtime. Programs that survive when the cloud, the WAN, and the vendor portal don't.
Owner / Technical Principal · Northern Shield Rugged Technologies
Industrial wireless · northeast British Columbia · −40 °C to +40 °C
Field engineering for extreme-environment industrial networks across 200+ remote sites. Where the truck is a day away and the radio either works or doesn't.
Founder · Industrial Independence Alliance
A coalition and an architectural doctrine for sovereign-per-zone industrial systems. OT and IT are distinct disciplines. Convergence is a marketing word, not an engineering one.
When an installation of one of the most common OT security platforms — and I won't name them — costs a hundred thousand dollars US upfront in professional services plus a minimum of fifty thousand a year in licensing, that's not tenable for the African market. And honestly, it shouldn't be palatable for the rest of us either.
So I build my own. A doctrine, a method, a platform, and the open-source tooling that the doctrine and the method imply. Each piece is small. They stack.
Industrial Independence Architecture
One self-contained unit at every zone of an industrial network. Identical at every level. Scope is the only thing that changes.
industrialindependence.org
The SECURE Method™
IEC 62443 simplified for industrial networks. Making industrial cybersecurity standards actually usable in the real world.
| S | Segment your networks | 62443 · 3-2 |
| E | Establish security levels | 62443 · 3-3 |
| C | Control access | 62443 · FR1 |
| U | Update responsibly | 62443 · 2-3 |
| R | Respond to incidents | 62443 · 2-1 |
| E | Evaluate continuously | 62443 · 2-1 |
"The best industrial cybersecurity is the kind that makes operations more reliable, not less."
Read the method →
Conversational Factory
A factory you can talk to. Read-only by architecture, not by policy. An IIA implementation.
conversationalfactory.com
MarlinSpike
The modern GrassMarlin. Open-source passive OT/ICS topology workbench. Web, multi-user. Passive only — packets in, zero out.
grassmarlin.com
GlassMarlin
The desktop bundle of MarlinSpike. Same engine, single-user, runs on the analyst's laptop.
glassmarlin.com
CloudMarlin
Surface threats in packet captures. No setup. No data leaves your tenant. Wireshark is necessary but insufficient.
cloudmarlin.com
▲ Note: In 2026 the original GrassMarlin picked up its first CISA advisory — ICSA-26-118-01, XXE in the PCAP parser, all versions, CVSS 5.5 — and there is nobody home to fix it. The Marlin family above is what picks up where it left off.
Forty-plus pieces, published as the Riverman. Some are essays, some are CVE analyses, some are field stories from a control room nobody was supposed to be in. A selection follows; the rest live on LinkedIn.
Twenty years across heavy industry. The geography keeps moving; the work keeps adding up. By the way — most OT work is defending legacy. Greenfield is rare, and when it shows up you have an obligation to get it right, because the decisions lock in for decades.
Geography
40 of 50 US states · most Canadian provinces
Southeast Asia · Central America · Australia · Europe · Africa
Sectors
Mining · oil & gas · manufacturing
Both process and discrete · food & bev · chem/pharma · nuclear
Scale
Largest cloud-native SCADA of its kind:
4,600 field devices · 14-state territory
Industrial wireless across 200+ remote sites
Standards
IEC 62443 underpins the practice.
Purdue / PERA · NIST · ISA
Education
MBA · Management Information Systems
BS · Finance & Management
Email gets the fastest reply. Everything else is for context. If you're thinking about advisory, strategy, an architecture review, a podcast, or any of the open-source work — write.
≈ Riverman · river@riverman.io · MMXXVI