Information technology (IT) managers tend to think in terms of systems, especially when it comes to security. How can a bad actor get behind our walls? What systems are vulnerable? Operations technology (OT) folks tend to think in terms of machines. How do we maintain uptime for the stamping presses or data collection from the cutting inserts?
At Automation Fair 2025 this week in Chicago, security experts said it’s critical for technology providers to talk to OT people in their own language—focusing on risk, uptime and operations.
Ryan Zahn, manager of technical account management for Rockwell Automation’s SecureOT line, says the company’s engineers and security team designed modular OT cybersecurity protection that constantly monitors equipment for potential attacks.
“We’re able to interface with [manufacturing] assets. A lot of the tools on the IT side are really meant for looking at the network traffic or looking at Windows and Linux assets and software,” Zahn said. “We tried to tailor this to where we can have these different risk factors that are really specific to a lot of things we’ll find in OT, like obsolete firmware.”
Marie Else (pictured), Rockwell’s senior global product manager for cybersecurity products, said Rockwell’s security technology prioritizes the cyber risk that manufacturers face. Working with clients, the company assesses the criticality of each piece of equipment and how likely it is to be attacked.
“We provide our customers with things to help them prioritize, build them a road map, show them where they’re vulnerable, what their gaps are,” Else said. The goal is to provide a dynamic and proactive approach to risk.
For example, if the production bottleneck in a plant is an internet-connected machining center with lots of downstream processes, even if it’s unlikely to be attacked, it should be a security priority because if it goes down, large swathes of the plant go down with it.
Zahn said the cybersecurity monitoring system checks each machine for when it last showed up on networks, when technicians last updated firmware, data flows and other security issues, giving OT managers a simple dashboard showing the cyber risk of each piece of equipment.
“We have many customers that send this data to their IT departments, because that staff has the expertise to understand alerts and start the workflow process,” Zahn said. “But [those IT people] are not experts in the actual environment and the protocols and the types of assets that [OT manages].”
He added that a major thing to consider with OT cybersecurity is the age of the equipment. IT network managers consider equipment from 2018 to be old or outdated. OT managers are used to seeing machines built in the ’50s and retrofitted with computer controls in the ’80s as perfectly functional.
“One of the biggest jokes I make with OT is that we’re in operating museums,” Zahn continued. “We have a lot of systems for which we’re always trying to push the lifecycle out. We have things we’re trying to keep up all the time, so we want to make sure that we know where those assets exist so we can provide more controls in place or mitigating measures for those assets.”
He added that he still sees Windows NT installed on machines, an operating system that Microsoft stopped supporting with patches and security fixes in 2005.
