Re-Assessing the Executive Role in Industrial Security

June 3, 2024
As cyber threats to industry escalate, the C-suite and board of directors must take an active role in ensuring the security and resilience of their manufacturing operations.

Traditionally, the responsibility for cybersecurity has fallen on the shoulders of the IT department. But if you're not going to make your chief information security officer (CISO) or chief information officer (CIO) your new plant manager, then you're going to have to get OT (operations technology) and the manufacturing team more engaged in how they're going to secure and protect this environment.

The consequences of neglecting cybersecurity in the manufacturing environment can be severe. Downtime, production disruptions and compromised product quality can result in significant financial losses and reputational damage. Craig Duckworth, president and CEO of Velta Technology, emphasizes the importance of addressing liability: "As an organization, the executives and the board of directors are now being held liable and personally responsible, in addition to the organization, for not providing that same amount of due diligence and care."

To effectively mitigate risk and ensure the security of their manufacturing operations, organizations must adopt a proactive and comprehensive approach. This begins with understanding the unique challenges and complexities of the OT environment. Unlike traditional IT systems, industrial control systems often consist of legacy equipment, proprietary protocols and a range of devices from multiple vendors. Securing these systems requires specialized knowledge and expertise that goes beyond the scope of traditional IT security.

One of the key steps in securing the manufacturing environment is establishing continuous monitoring and asset inventory management. Organizations have all different kinds of metrics and methodologies to determine how good they are at making goods. That same discipline needs to be applied to the cybersecurity and its measurement of the plant floor. That means you have to know your risk.

By implementing tools and technologies that provide real-time visibility into the OT environment, organizations can gain a better understanding of their assets, vulnerabilities and potential threats.

However, securing the manufacturing environment is not solely a technical challenge. It requires collaboration and alignment between IT and OT teams, as well as the involvement of key stakeholders such as process control engineers and asset owners. Duckworth emphasizes the importance of this collaboration: "It takes involvement. It takes time. It takes key people that are, as I would call them, the asset owners—the process control engineers, the teams down in the plant floor that are responsible for those assets. They have to know how to interpret the data that they feed to the C-suite so that business decisions on risk can be made."

To drive this collaboration and ensure the success of cybersecurity initiatives, the C-suite and board of directors must take an active role in setting the tone and prioritizing cybersecurity as a strategic imperative. This includes allocating the necessary resources, establishing governance frameworks and fostering a culture of security awareness throughout the organization.

Furthermore, organizations must recognize the importance of engaging with their supply chain partners and OEMs to address cybersecurity risks. No matter who you are selling to or partnering with, they're starting to expect that you're doing that due diligence on OT cybersecurity.

Dino Busalachi is chief technology officer and co-founder of Velta Technology, an integrator member of the Control System Integrators Association (CSIA). For more information about Velta Technology, visit its profile on the CSIA Industrial Automation Exchange

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.

Micro Motion 4700 Coriolis Configurable Inputs and Outputs Transmitter

The Micro Motion 4700 Coriolis Transmitter offers a compact C1D1 (Zone 1) housing. Bluetooth and Smart Meter Verification are available.