OT Security Under the CISO’s Watch: Why Operational Technology Needs to Be a Priority

The Rising Stakes: OT Attacks Are Escalating

OT systems are now on the frontlines of cyber warfare, particularly as IT and OT environments merge. Recent data from the 2024 Report on the State of Operational Technology and Cybersecurity, shows that OT cyberattacks have surged by 74% in the past year, with threats affecting energy grids, water supplies, and manufacturing processes.As OT systems become increasingly integrated with remote access and monitoring to keep pace with today’s hybrid environments, they are facing greater exposure to the same sophisticated cyberattacks as IT networks.

With critical infrastructure at risk, CISOs must recognise that OT security breaches have the potential to disrupt entire sectors, harm the public, and even endanger lives. Yet, many OT systems are decades old and were never designed to withstand modern cyber threats. This creates an urgent need for a proactive, resilient security framework for OT—one that balances protection with the operational continuity these systems require.

Why OT Has Become a CISO Priority

1. Legacy Systems Create Vulnerabilities:
Many OT systems are 20 to 30 years old, designed for continuous operation with a focus on durability rather than cybersecurity. Unlike IT systems that are regularly patched and updated, many OT systems cannot afford downtime for security updates, making it difficult to address vulnerabilities. However, failing to maintain these systems leaves critical security gaps, increasing the risk of exploitation by sophisticated cyber threats.

2. Increased Attack Surface Through IT/OT Convergence:
With IT and OT increasingly interconnected, a breach in IT can now potentially impact OT, and vice versa. This expanded attack surface means CISOs need to consider OT security as part of a holistic cybersecurity strategy. The days of air-gapped OT systems are long gone, and new access points introduce risks that must be managed meticulously.

3. High Impact of OT Breaches:
Unlike IT breaches, which typically involve data theft, OT breaches can have direct physical impacts, such as halting production or compromising safety. A prime example is the 2000 Maroochy Shire sewage incident in Queensland, where an attacker exploited outdated credentials to manipulate sewage systems, resulting in severe environmental damage. This case highlights the far-reaching consequences of OT security gaps, including environmental harm and operational disruption. For CISOs, it’s crucial to recognise that OT breaches can lead to catastrophic outcomes that go well beyond financial losses.

4. Regulatory Pressures Are Rising:
With critical infrastructure increasingly targeted, regulatory bodies around the world are strengthening OT security standards. These standards emphasise risk assessments, network segmentation, and continuous monitoring as essential practices for safeguarding OT environments. Non-compliance not only increases security risks but also exposes organisations to hefty fines and reputational damage. For CISOs, staying ahead of regulatory demands is as important as preventing attacks. For CISO and IT Security leaders, staying proactive about evolving regulatory requirements is just as crucial as defending against cyber threats. (2024, Cybersecurity Laws and Regulations Australia 2025).

The Challenges of OT Security: Why It’s So Complex

1. Downtime is Not an Option:
OT systems are designed to run continuously. Unlike IT environments, where servers can be taken offline for updates, shutting down OT systems for security patches or upgrades can cause extensive operational disruptions and financial losses. These systems were not designed with frequent patches in mind, and many of them still rely on legacy technologies that make updates and maintenance difficult to perform without impacting productivity. As such, securing OT systems without interrupting operations presents a unique challenge for CISOs, who must find ways to balance security needs with the critical need for operational continuity

2. Limited Visibility and Monitoring in OT Environments:
Many OT systems lack comprehensive monitoring and real-time visibility common in IT environments, making it challenging for CISOs to detect threats before they escalate. Moreover, as many OT systems were not built with security in mind, they often lack even the basic protections such as firewalls and encryption leaving them vulnerable to attacks as OT and IT networks become more interconnected.

3. Lack of Cybersecurity Maturity in OT Operations:
Recent studies highlight that only a small proportion of organisations have successfully integrated OT systems into their broader cybersecurity frameworks. This discrepancy in security maturity forces CISOs to navigate the complexities of managing two distinct domains within a single organisation. As a result, bridging the gap between these systems is not only a technological challenge but a cultural one, with different priorities, risks, and operational impacts at play

Key Strategies for CISOs to Strengthen OT Security

As OT becomes a greater priority, CISOs can adopt specific strategies to address the unique challenges of these environments:

1. Prioritise Network Segmentation and Zero Trust
Implementing network segmentation and a Zero-Trust model across IT and OT environments is critical to containing potential breaches. Segmenting the network isolates OT systems from IT and other parts of the network, limiting the impact of any attack. A Zero-Trust approach further enforces strict access controls, ensuring each access point and device interaction is verified continuously.

2. Embrace Real-Time Monitoring and Predictive Maintenance
Real-time monitoring solutions provide CISOs with enhanced visibility into OT systems, allowing for early detection of vulnerabilities before they are exploited. Predictive maintenance, powered by real-time data insights, can prevent equipment failures and unplanned downtime, creating a dual benefit of enhanced security and operational resilience.

3. Use Virtual Patching to Secure Legacy Systems
With many OT systems too fragile to take offline for security updates, virtual patching offers a solution. By applying security patches virtually, CISOs can protect legacy systems without disrupting operations. Virtual patching also shields vulnerable systems from potential exploits, allowing organisations to secure OT environments incrementally.

4. Establish Cross-Functional Teams to Foster Collaboration
Aligning IT and OT teams under shared goals and objectives fosters a unified approach to cybersecurity. Cross-functional teams ensure that both IT and OT experts contribute to building secure and resilient systems, addressing potential gaps that may arise from siloed operations.

Leveraging Tesserent and Fortinet for OT Security

To effectively protect OT environments, CISOs need a resilient, scalable solution that provides end-to-end visibility and security across both IT and OT networks. Fortinet, recently recognised as the sole Leader in Westlands Advisory’s 2023 IT/OT Network Protection Platforms Navigator, offers advanced IT/OT network protection technologies, while Tesserent provides localised expertise and regulatory Operational Technology Advisary tailored to the Australian market.