The Industry 4.0 ThinkTank brought together the U.S. manufacturing sector with provocative thinkers, industry leaders and experts to help simplify and humanize the Industry 4.0 digitization process. Couldn’t make it to Chicago? No problem.
GrayMatter’s Cyber Practice Lead Scott Christensen brought back his insights to share an exclusive, all-access look at mitigating OT cyber risk in this Q&A after serving as a panel member.
“It’s a battle of kingdoms between IT teams and production teams.”
Q: What was the best success story you have?
The best one I have is a conversation with a manufacturer who said they’re going to re-architect their systems and how they’re going to go about cyber OT.
Typically, when it comes to OT cyber strategy, it’s a battle of kingdoms between IT teams and production teams. No one is sure who owns cyber in the production world, creating a lack of convergence on what the best methodology is for going forward in cyber security.
The manufacturer’s new way of going forward would involve a team made of both cyber IT security experts and production members, such as plant managers, operational engineers or the COO.
This brings the barriers down of who has ownership of cyber production within the network, creating a team that can work together to mitigate risks.
“They get in a state of paralysis, and it can be detrimental when decisions are at a standstill.”
Q: What insights did you get from manufacturing customers on their biggest cyber struggles?
The biggest struggle I recognized was people trying to overcome their fear of the unknown. Being afraid of doing nothing will cause problems, but people are also afraid that doing something will cause greater problems. They get in a state of paralysis, and it can be detrimental when decisions are at a standstill.
The best advice I can give to a manufacturing VP is to find the quick and easy wins to justify a cyber security program. Don’t try to accomplish everything at once, because that’s when the state of paralysis happens. Look for areas to show success for deploying areas in the production world.
“Understand what you’re trying to achieve, and move forward from there.”
Q: Have most manufacturing companies started a cyber plan?
That’s the interesting part – it’s a pretty even split. Those that establish through OT cyber, a lot don’t have modification based on digitization of manufacturing floor so they’re being thrown out.
The other half haven’t even touched OT from a cyber standpoint and don’t know how to begin mitigating risks.
I get a lot of questions like ‘how do I begin?’ ‘where do I even start?’ and ‘how do I look?’
Most people don’t understand what their assets look like, what their risks are or the facts behind them. For me, the answer is pretty simple — understand what you’re trying to achieve, and move forward from there.
About Scott Christensen
Based out of Houston, Scott is helping spearhead the GrayMatter cyber practice as an industry thought leader on operational technology cyber security. He specializes in helping companies struggling with risk on the journey to digital transformation and mapping out OT cyber strategies.