Building sustainable OT cybersecurity
- By Raphael Bolze
- 14 Nov 2025
- 5 min read
- 90%*of global organizations experienced at least one OT cybersecurity breach in the past 18 months
- 28%**of organizations lack a dedicated ICS/OT incident response plan
- 46%***of OT security leaders say a successful cyberattack is likely or very likely to cause a plant shutdown
In today’s industrial and critical infrastructure environments, Operational Technology (OT) cybersecurity is no longer a niche concern; it is a business and societal imperative. The triad of people, process, and technology has often been spotlighted to build a strong cybersecurity foundation.
However, this framework must evolve. The growing sophistication of cyber threats, combined with rising regulatory demands, such as those introduced by European directive NIS2 setting up a unified legal framework to uphold cybersecurity across the region, calls for a more comprehensive and adaptive approach.
While many organizations embrace the triad in principle, they often face challenges in execution: knowing where to begin, identifying priorities through a risk-based lens, and avoiding blind spots that undermine resilience. Too often, compliance becomes the goal rather than the outcome of a mature security posture.
Let’s get on a practical roadmap for building sustainable OT cybersecurity, one that strengthens resilience while aligning with modern threats and regulatory realities.
Schneider Electric’s wider OT cybersecurity experience is informed by its program spanning more than 200 industrial sites worldwide. Here are the cornerstones of an OT cybersecurity strategy that stand out when it comes to people, process and technology.
Cybersecurity starts with people and is paramount for the future of an organization according to the World Economic Forum.
- Building a cybersecurity culture in the OT world means recognizing that protection is everyone's responsibility, from operators to executives, not just a concern for the IT department.
- Training and awareness efforts should be tailored to OT environments, enabling teams to recognize and respond to cyber risks. Cyber champions need targeted upskilling to effectively manage cybersecurity within industrial sites.
- Cross-functional collaboration is essential. This can be achieved by appointing a unified CISO responsible for both IT and OT domains.
Strong processes provide structure and consistency.
- Complying with international standards, such as IEC/ISA 62443, which defines security requirements for industrial automation and control systems, helps ensure integrity and regulatory alignment
- Legacy systems often introduce vulnerabilities, so targeted action plans are needed to phase out or secure outdated assets.
- Zero Trust principles, often discussed in IT environments, are equally relevant in OT, such as authentication methods suited to factory operations and constraints.
Technology enables visibility, detection, and resilience.
- Asset inventory tools and network segmentation provide real-time insights to support risk assessments.
- OT-specific monitoring and response capabilities help detect anomalies and coordinate remediation across industrial networks.
- Secure-by-design principles and dedicated backup solutions ensure long-term protection and operational continuity.
In Schneider Electric’s plants, cybersecurity culture is built through hands-on initiatives. Awareness is promoted via internal events and dedicated intranet portals that help employees recognize and report threats. Training includes mandatory yearly learning and targeted modules tailored to the specific profiles of shop floor employees. Regular engagement on cybersecurity topics is fostered by cyber champions, ongoing communications, open forums, and shared best practices that encourage collaboration between IT and OT teams.
Adopting the wrong mindset
Underestimating the effort required for change management can hinder cybersecurity progress, especially when a 'if it’s not broken, don’t touch it' mindset persists.
Embracing cybersecurity as a driver of cultural transformation builds lasting resilience.
Lack of dedicated budget
Not having a dedicated or sufficient budget for OT cybersecurity can prevent critical initiatives from being launched or sustained.
Securing executive support ensures that the right efforts are prioritized and properly resourced to protect industrial operations.
Non-tailored policies
Applying IT-centric policies without adapting them to OT realities can overlook the unique constraints of industrial environments.
Tailoring cybersecurity policies to reflect operational nuances ensures they are both effective and practical on the ground.
Lack of central governance
Allowing for too much flexibility for local adaptation can result in fragmented practices and diluted impact.
Encouraging an ‘adopt not adapt’ approach, while providing extra support to less mature sites, helps raise the bar across the organization.
Separated from daily routine
Failing to embed cybersecurity into daily operations can keep it separate from core routines and limit its effectiveness.
Treating it as an integral part of the operational culture alongside safety and quality helps make cybersecurity the new normal on the shop floor.
Integrating cybersecurity into daily operations calls for clear ownership. Appointing a cyber champion or a Cybersecurity Site Leader (CSL) in each plant ensures accountability for the site's cybersecurity posture with responsibilities including vulnerability management, alert response, and policy enforcement, all within the plant’s operational flow.
To support this role, the Cybersecurity Connected Services Hub bridges plant-level execution and centralized cyber defense, coordinating incident investigation and remediation. This structure enables IT and OT teams to collaborate effectively and fills the operational gap between the CSL and the Security Operations Center, which oversees broader threat detection and response.
Gartner states that among the future goals that cybersecurity leaders should aim for is security as a business enabler. This observation applies to OT as it creates opportunity by securing the foundation needed to unlock the full potential of operational data.
When industrial systems are protected, organizations can more confidently deploy predictive maintenance, optimize energy use, and enable real-time decision-making. Trusted data environments accelerate digital transformation, reduce downtime, and improve efficiency, turning cybersecurity into a catalyst for innovation and growth.
A KPI-driven strategy reinforces this shift by translating technical complexity into business language. Examples include the percentage of patched assets, number of reported anomalies, and cybersecurity performance indexed in plant dashboards. These indicators make cybersecurity measurable and visible, enabling management to make informed decisions, securing executive buy-in, and ensuring follow-up on critical actions.
A comprehensive approach to OT cybersecurity should focus on the integration of secure by design principles into industrial products, and secure by operations practices across manufacturing and operational environments, as highlighted in the World Economic Forum “Global Cybersecurity Outlook 2025” report featuring a Schneider Electric case study.
Secure by demand, promoted by CISA, adds a market-driven dimension. When customers consistently expect cybersecurity as a baseline, they encourage vendors to build protection into their products from the outset. These principles strengthen the entire lifecycle of industrial systems and fosters long-term resilience.
The triad of people, process, and technology remains central to this transformation. When adapted to modern threats and regulatory expectations and supported by strategic models such as the Zones of Influence approach, it enables organizations to move beyond compliance and build sustainable cybersecurity programs.
Latest in Digitalization
How AI at the edge is transforming HVAC systems for efficiency and comfort
Reinventing cities: Driving urban resilience with digital innovation
Maximizing building efficiency with advanced wireless IoT sensors
The rise of smarter homes: harnessing AI for energy efficiency and resilience
