OT cybersecurity challenges: Q&A with Rob Larsen
Rob Larsen, who is based in Georgetown, Texas, is a security adviser at Silverfort, a cybersecurity and software company based in Tel Aviv, Israel. He focuses on customer engagement and product strategy, leveraging 35 years of security experience.
He recently left General Motors, where he served as director and chief security architect. While at GM, he was responsible for developing GM’s Global Enterprise Security Architecture and establishing the zero-trust strategy.
Larsen started his career as a special agent with the U.S. Treasury Department and then joined NASA’s Mission Operations Directorate as a security engineer and manager of a cross-functional security engineering team.
Since the subject of cybersecurity in manufacturing is so prominent, Smart Industry asked Rob Larsen to answer some questions about security, particularly in OT, which in the last year has been shown to be highly vulnerable.
A recent ReliaQuest report and another from intelligence firm S-RM found spearphishing to be a top problem and ransomware to be a continuing threat.
What follows is our Q&A with Rob:
How is the convergence of OT reshaping cybersecurity strategies in manufacturing, and what role does identity security play in this transformation?
The IT and OT convergence is expanding the manufacturing attack surface, and identity protection is becoming a critical component in securing manufacturing environments. If organizations fail to protect identities, a chain reaction begins—the first domino to fall (be compromised) in a breach is an identity. Every account, whether tied to a human user, a privileged administrator, or an OT system, requires a robust identity protection strategy.
Unlike traditional IT environments, OT systems often rely on legacy infrastructure, shared credentials, and machine-to-machine communication, making identity security even more challenging.
As manufacturing facilities embrace digitization, adopt IT solutions, and enable capabilities such as remote access, attackers increasingly exploit identity-based vulnerabilities, enabling them to move laterally between IT and OT systems, compromise critical systems, applications, and directories, and conduct ransomware attacks costing companies millions of dollars annually.
To mitigate these risks, organizations must prioritize identity protection strategies, adopt zero-trust principles, understand the types of devices in the manufacturing facilities, identify and protect all network ingress/egress connections, and continuously monitor for suspicious behavior.
In today’s world, identity is where every attack begins. For manufacturers navigating OT-IT convergence, addressing identity protection is not just a nice thing to do; it’s a must.
Manufacturing has become one of the most targeted industries for cyberattacks. What makes it such an attractive target?
Manufacturing is facing constant threats from cybercriminals with no signs of slowing down. The sector’s attractiveness lies in its combination of high-value data, critical operational processes, older, less securable systems and often outdated or insufficient security measures. As a result, manufacturers frequently fall victim to ransomware, data breaches, and other cyber threats, each with potentially devastating consequences.
A key driver for this recent surge in attacks is the industry's low tolerance for downtime, meaning even brief disruptions can lead to massive financial loss, reputation damage, and eroded customer trust. Many manufacturing operations rely on a seamless flow of production, and cyber criminals understand that halting or tampering with this flow provides powerful leverage, especially in ransomware attacks.
As manufacturers adopt IoT and AI to enhance operational efficiency, what security challenges arise, and how can they be addressed effectively?
As manufacturers continue integrating OT and AI to streamline operations, they will continue to face traditional cybersecurity challenges like sensitive data exfiltration, attacks, and ransomware malware infections.
Adding AI to the OT security strategy is a double-edged sword. While it may help accelerate threat detection and response, simplify and harmonize protection, and remediate actions, AI itself may also be an attack vector. To mitigate AI risks, organizations need to:
- Implement Explainable AI (XAI) to ensure decision transparency and test often against standard and non-standard use cases before implementation.
- Regularly audit AI models to detect and correct biases, identify anomalies and logic conflicts.
- Integrate cybersecurity measures like monitoring and AI threat detection into existing incident response processes.
- Develop comprehensive testing to ensure determined expected results.
- Develop AI governance policies and practices to set expectations with internal teams, regulators, and vendors.
- Establish robust change and configuration management practices to ensure the authenticity and integrity of AI software provenance.
AI will be a powerful addition to OT security, but only if deployed thoughtfully with clear oversight, rigorous testing, and robust security measures to reduce risks and protect sensitive data.
The shift toward securing OT environments has gained momentum. What factors are driving this focus, and how should manufacturers prioritize their efforts to stay ahead of threats?
Several factors are driving the increased focus on OT security, including the rising frequency and cost of cyberattacks and growing regulatory pressures that require manufacturers to secure their OT environments.
As a first step, manufacturers should ensure they have complete visibility of OT devices in their environments, identify vulnerable legacy systems, understand the network ingress and egress, and implement identity-based security controls.
Basic security hygiene practices—such as regular patching, OT device security, incident response integration, penetration testing, and rapid response to vulnerabilities—are essential as they raise the degree of difficulty it takes to compromise the environment.
Applying zero-trust principles across IT and OT systems will also minimize risk. This includes implementing multifactor authentication (MFA) across all access points, enforcing least-privilege access for users and machines, and continuously monitoring for anomalous activity.
As important as the technical side of cybersecurity is, creating collaboration between teams also is crucial. The existing organizational gaps between manufacturing engineers, IT, and cybersecurity teams often hinder the development and execution of a unified cybersecurity plan. So even if manufacturers implement a better security strategy, if they don’t close the collaboration gap, it won’t matter.
You mentioned that a common issue in manufacturing security is the communication gap between mechanical engineers, IT, and security teams. Can you expand on that more? How can organizations bridge this gap?
Bridging the gap between mechanical engineers, IT, and the cyber security teams is a big hurdle the industry must overcome to secure manufacturing environments effectively. Historically, these teams have operated in silos, each with different priorities and missions that often result in organizational friction and inefficiencies in security planning.
To break down these walls, security teams need to understand the roles and responsibilities of each group. Leadership should align on a shared security vision and strategy and promote collaboration across all teams. Regular cross-team meetings, joint roadmap planning, and collaborative product testing should become standard practice.
At General Motors, I learned firsthand the immense value of understanding the work, challenges, priorities, and schedules of the manufacturing engineering and IT teams. I believe the give-back model is incredibly effective in this context. When you prioritize the needs of other teams, you build goodwill and trust, fostering natural partnerships when security challenges arise.
A well-aligned security strategy isn’t just about reducing friction—it directly strengthens manufacturing resilience. When security is embedded into operational processes, manufacturers can mitigate cyber risks more effectively, minimize downtime, and ensure production continuity even in the face of attacks.