OT oversight is an expensive industrial paradox. It’s hard to believe that an area can be simultaneously underappreciated, underfunded, and under increasing attack. And yet, with ransomware hackers knowing that downtime equals disaster and companies failing to monitor OT accordingly, this is an open and glaring hole across many ecosystems.
Even a glance at the numbers reveals the scale of the threat. Attacks are up 70% year over year in manufacturing because bad actors know that unplanned production pauses account for hundreds of billions of dollars in lost annual revenue among the world’s largest companies. Nonetheless, only 45% of these manufacturers report adequately monitoring OT, and nearly half of the organizations surveyed by Opswat spend just a quarter of their security budget on critical infrastructure protection.
This is a technological, cultural, and budgeting issue that teams must address immediately. Here’s how.
Uptime is everything for these sectors. Why? The simple truth is that when a machine stops in food production or energy, output grinds to a halt and money burns. Worse, in sectors like healthcare, lives are on the line. That’s why leaders are more likely to pay the ransom to get their systems back online. Likewise, given that there’s generally less defense of OT compared to IT, there’s a technological incentive to target these assets.
Historically, OT received less security attention because it didn’t demand heightened protection. Most of it is heavy machinery that’s air-gapped and lasts for decades. However, in recent years, OT systems have become increasingly networked, creating vulnerabilities that could be exploited by would-be hackers. Further complicating matters is that different departments have managed IT and OT as separate silos with little communication between them. As a result, the collision of the two worlds presents a host of monitoring and security problems.
There’s a lot of finger-pointing on factory floors because one team often believes the other should be addressing a problem. But, when IT security protocols meet OT operational requirements, gaps are almost inevitable. Fragmented monitoring doesn’t help matters. If teams are using multiple tools that show different pieces of the posture, it’s hard to form a complete picture.
Without unified visibility, issues that cross IT/OT boundaries take longer to resolve and troubleshooting becomes a complex interdepartmental dance. Compounding this is the fact that IT often can’t interpret industrial protocols, and OT struggles with traditional network monitoring. It’s clear that both teams need better platforms that can communicate in both languages.
The reality is that OT needs IT and IT needs OT. This is evident in the Opswat report, which found that nearly three out of every five (58%) respondents stated that attacks on OT networks initially occurred through a compromise of IT. Backdoors are bleeding between the two environments, and teams need to update their attitude and actions. Protection going forward isn’t a choice of one or the other – IT and OT are equal, intertwined, and must be treated as such.
Funnily enough, cybersecurity budgets are increasing but most resources are still focused on IT rather than OT. One way to tip the scales in the latter’s favor is by highlighting that improved OT insight ultimately leads to cost savings. For example, in addition to flagging irregular behaviors, more granular monitoring can enable predictive maintenance. Companies can better keep their finger on the production pulse and recognize issues before they become system failures.
This is something I witnessed firsthand at an automotive parts manufacturer that achieved a holistic view over CNC machines, PLCs, and industrial ethernet switches. The result? An almost 40% reduction in unplanned downtime and annual savings of more than €250,000 from avoided productivity losses and repair expenses. The system became self-sustaining financially after three months. This type of case study should provide leaders with hundreds of thousands of reasons to prioritize better observability and security and their positive ripple effects.
Thankfully, companies are starting to pay more attention. In June, Fortinet reported that more than half (52%) of organizations now report that the CISO/CSO is responsible for OT, up from 16% in 2022. Additionally, nearly all (95%) of organizations report that the C-suite is responsible for OT, up from 41% in 2022. This is good news because, with an executive championing the cause, teams can better overcome cultural differences and onboard solutions specific to their circumstances. Fortinet confirmed this is the right approach, reporting a decrease in the impact of intrusions in organizations that prioritize OT security.
Less severe hacks, better oversight, and enhanced uptime for the long term – there’s a lot to like about OT oversight done right. Teams, the ball’s now in your court. This is a widespread and growing threat with potentially company-changing, bottom-line damages. It’s past time to recognize OT on the same level as IT by aligning your budgets, priorities, and cross-team cooperation.