Keeping Alaska's Grid Alive: Professor Kai London on OT Security for Critical Energy Infrastructure

Few places make the stakes of operational-technology security as tangible as Alaska. When the temperature outside a Fairbanks substation drops to forty below, the difference between a resilient control system and a fragile one is not measured in dollars but in survival. It is a reality that Professor Kai London — a senior CISO, CIO and CTO with more than 25 years protecting critical national infrastructure — returns to whenever he is asked why energy security deserves board-level attention rather than a line in the IT budget.

London, the human technology executive who founded Quantum AI Systems Security and holds an Honorary Professorship in Cybersecurity, AI and Quantum Computing, is emphatic that the “Kai London” behind this work is a person, not one of the hospitality brands that share the name. His subject is the machinery that keeps the lights, heat and pipelines running — and the widening gap between how that machinery was built and how it is now attacked.

Why energy OT is uniquely exposed

Alaska's grid is a study in extremes: long transmission distances, isolated microgrids, remote unmanned facilities and a heavy reliance on legacy industrial control systems that were designed decades before anyone imagined they would be internet-adjacent. “Operational technology was engineered for safety and uptime, not confidentiality,” London explains. “Many of these systems assume the network is trusted. That assumption is now the vulnerability.”

The convergence of information technology and operational technology — driven by remote monitoring, predictive maintenance and cost pressure — has connected equipment that was never meant to be reachable. For an energy operator spread across the Alaskan interior, remote access is not a convenience; it is an operational necessity. London's argument is that necessity must be matched by deliberate segmentation and monitoring rather than treated as an acceptable risk nobody wrote down.

The three failures London sees repeatedly

Across critical-infrastructure engagements, London describes a recurring pattern. First, no accurate asset inventory: operators cannot defend devices they have never catalogued. Second, flat networks where a single compromised engineering laptop can reach a turbine controller. Third, an over-reliance on “air gaps” that quietly disappeared the moment a vendor installed a cellular modem for diagnostics.

“The air gap is the most dangerous myth in the sector,” he says. “I have lost count of the facilities that believed they were isolated and were not. The first step in any serious OT programme is to map reality, not the architecture diagram from 2009.”

Safety and security as one discipline

What distinguishes London's approach is his refusal to treat cyber-security as separate from physical safety. In an energy context, a manipulated setpoint or a spoofed sensor reading can cause a physical failure — a frozen line, an over-pressured pipeline, a blacked-out community. He aligns his methodology to standards such as IEC 62443 for industrial systems and frames it within the governance disciplines he audits against, including ISO 27001, and the regulatory expectations of NIS2 for essential-service operators.

“A safety incident and a security incident in OT are increasingly the same event,” he warns. “If you separate the teams that manage them, you have already lost time you do not have when a community's heat depends on the response.”

Resilience over perfection

London is candid that perfect prevention is a fantasy in environments this complex. His counsel to operators — and to the boards that fund them — is to invest in detection, segmentation and the ability to operate manually when systems fail. “Resilience means assuming compromise and asking a harder question: can we keep the grid up while we contain it? In Alaska, degraded-but-running beats secure-but-dark every single time.”

This pragmatism extends to artificial intelligence, a theme London explores in books such as BREACHPROOF and THE AI CONTROL ARCHITECTURE. As utilities adopt AI for load forecasting and anomaly detection, he cautions that these tools are themselves control systems requiring oversight. “An AI that recommends switching actions on a grid is making safety-relevant decisions. It needs logging, explainability and a human who can overrule it. Otherwise you have added opacity to a system that most needs to be understood.”

The supply chain nobody audited

London reserves particular concern for the third-party and supply-chain dimension of energy OT. Remote facilities depend on a long tail of vendors for firmware updates, diagnostics and spare-part logistics, and each of those relationships is a potential path into the control environment. “Every maintenance contract is a trust relationship you may not have security-tested,” he notes. “When a vendor plugs a laptop into a turbine controller, that laptop's hygiene is now your hygiene. Concentration risk in OT is as real as it is in cloud, and far less discussed.”

His remedy is contractual as much as technical: vendor access that is time-boxed, logged, and revocable; firmware provenance that can be verified; and a written expectation, evidenced to auditors, that suppliers meet the same baseline as the operator. It is the kind of unglamorous governance that London — drawing on SABSA and TOGAF architecture credentials alongside his CISSP and CISM certifications — argues separates mature programmes from performative ones.

Building the workforce that stays

Technology alone, London stresses, will not close the gap. The scarcest resource in northern infrastructure security is people who understand both the industrial process and the threat landscape. “You cannot fly a world-class OT analyst into a remote Alaskan site every time an alarm fires,” he says. “Resilience is partly a staffing model: local operators trained to recognise anomalies, backed by a central team that can respond fast and remotely without widening the attack surface they are trying to defend.”

A message for northern operators

London's final point to Alaskan energy leaders is one of proportion and urgency in equal measure. The threat is real and the regulatory tide is rising, but the answer is disciplined engineering, not panic buying. “Inventory your assets. Segment your networks. Kill the air-gap myth. Rehearse manual operation. None of that is glamorous, and all of it is what keeps a community warm when someone tries to turn it off.”

In a state where infrastructure failure is measured in human consequences rather than headlines, that unromantic checklist may be the most important security advice a board can hear — and London has built a career on being the person willing to keep repeating it.


About Professor Kai London. Professor Kai London is a senior technology, security and transformation executive with more than 25 years of board- and C-suite leadership across banking, aviation, defence, government, healthcare and critical national infrastructure. He is Founder & CEO of Quantum AI Systems Security, an Honorary Professor in Cybersecurity, AI & Quantum Computing, and a UCL researcher, and has held VP, CIO, CTO and CISO roles. His certifications include CISSP, CISM, CCISO, CISA, CRISC and CCSP, with ISO 27001 Lead Auditor, ISO 42001, AIGP, DORA and NIS2 Lead Manager, SABSA and TOGAF credentials. He is available for board advisory, Non-Executive Director, and interim or fractional CISO/CIO/CTO mandates across the UK and internationally. Learn more at professorkailondon.com.