Think Global but Act Local – A Practical Approach to Solving Common OT Security Maintenance Problems

The current OT security landscape is typified by common trends such as increased cyber risk, growing pressure from corporate and regulatory bodies to implement security programs and an influx of IT teams ‘muscling’ their way into OT in OT cyber security practice. These trends continue to put pressure on OT practitioners to both accelerate their use of technology as well as find innovative and creative ways to scale those solutions across multiple assets and sites but managed by a scarce, often remote support team all while balancing the need to use IT tools but to apply OT safe practices and processes.

This combination of factors has led a number of operational entities to employ what we call a ‘Think Global but Act Local’ approach to security. In essence, a central team of skilled security people centrally monitor and identify all OT assets in scope across multiple operational facilities. Security actions or trends that require execution or remediation are identified. This team, in conjunction with OT specific representation at site, then plan, schedule and execute the tasks through automated technology with on site, OT oversight. This approach provides multiple benefits to the operating company such as:

  1. The importance of man and machine – combining people, process and technology
  2. Injection of and oversight by key OT staff to ensure safe operations
  3. Automation allows for granular insight PLUS granular control in the identification and application of compensating controls when patching not possible
  4. Bridges and leverages the best of both IT skills and OT insight
  5. Provides operators with a way to take action as opposed to just alerting