This session provides essential guidance for OT owners and operators on selecting secure digital products. Focusing on secure by design principles, it examines key considerations—configuration management, secure default settings, logging, open standards, strong authentication, threat modeling, and vulnerability management—to help mitigate cyber risks. It is based on recent work from agencies such as CISA, NSA and FBI. Expected Outcome: With cyber threat actors increasingly targeting OT products, this session offers actionable insights for evaluating and procuring digital systems that protect critical infrastructure. Intended Audience: Operational Technology (OT) Owners and Operators Procurement Decision-Makers Cybersecurity Professionals / CISOs Infrastructure and Industrial Control Managers