What Type of Cyber Defender Is Your OT Team?

by , | Jun 24, 2025 | Control & Safety Systems, Cybersecurity | 0 comments

We’ve talked a lot in this space about how cybersecurity is a particularly difficult challenge for OT teams. For decades, OT systems were specifically engineered to be closed to the outside world and from one another to ensure secure, reliable operation. That trend set a standard for locking down OT assets—a trend that is causing complexity today.

Today, OT teams need more access to cloud and internet resources. What’s more, with the rise of AI, OT assets need ways to move their data seamlessly between systems so analytics software—both on the edge and in the cloud—can gather all the information they need to help optimize operations and secure competitive advantage in an increasingly tight and complex marketplace.

To that end, organizations around the globe are reevaluating their cybersecurity policies to allow for secure data transfer, even going so far as to begin adopting cutting-edge strategies such as Zero Trust Cybersecurity architectures. But if that sounds like a lot, don’t worry. Not everyone is rapidly implementing the newest technologies. Some companies are much more conservative in their cybersecurity journey. And, as Emerson’s Alexandre Peixoto shares in his recent article in Chemical Engineering magazine, there is room for both points of view.

“As with any choice, extremes are rarely the right answer. However, by defining and understanding the two ends of the spectrum, organizations can better evaluate their own security posture preferences and, by extension, make better decisions when building a cybersecurity strategy for their plants and enterprise.”

How pragmatists differ from pioneers

Cybersecurity pragmatists have one core goal: achieving the basic protection necessary to continue to operate. These teams typically value uptime and secure operations over everything else. Knowing that new, untested solutions can disrupt operation, they tend to be less trusting of innovative new technologies. Instead, they prefer to rely exclusively on field-proven solutions they know will work seamlessly with their control technologies.

Pragmatists also recognize that good cybersecurity takes work. As such, they often seek to minimize solutions to reduce that workload. Alexandre explains,

“Highly pragmatic teams deeply recognize that the more systems they put in place, the more systems they will have to maintain. Cybersecurity solutions require updates, and those updates can often require system outages. Moreover, each update generates potential for configuration errors that disrupt operation.”

Pragmatism offers significant benefits. Highly pragmatic OT teams can be confident their solutions will work with their mission-critical environments. Because the solutions they implement have been field proven (often for many years) they are less likely to fail and far less likely to cause process interruptions. The solutions they choose will also likely have long lifecycles, making it far less likely they will need to replace technology that reaches end of life.

However, pragmatism also comes with downsides. Alexandre shares,

“Often, extremely pragmatic organizations find that by the time they have implemented a new technology, it is no longer as effective as it once was. Cybersecurity is an ever-evolving domain. As solutions emerge, bad actors pivot to navigate around those solutions, or even exploit them. Companies unwilling to implement anything but the most field proven technologies often find that their solutions are significantly less effective.”

In contrast, cybersecurity pioneers—often stemming from born-digital industries like the life sciences—understand that threats evolve quickly, and they are more apt to test newly released solutions to continually evolve their cybersecurity posture alongside growing and changing threats. They stay up to date on the newest technologies, and often seek out solution providers who can implement those new systems and strategies as they emerge in the marketplace. That kind of thinking can have significant advantages, Alexandre explains,

“Being willing to adopt new technologies early means reaping the advantages of new solutions ahead of competitors. As today’s pioneers implement technologies like zero trust architectures, they gain access to new models of operation that make their cybersecurity tasks faster and more efficient. Such a change can easily put them at an advantage to their competition, who might be limited by more structured approaches to cybersecurity—for example, the access to new models of operation afforded by a pioneering approach to cybersecurity can make it easier to pivot quickly to manufacture different chemicals on demand to meet market needs.”

But pioneering, like pragmatism also has its own drawbacks. Sometimes the newest cybersecurity solutions are the most fragile. If success of a solution isn’t fully proven out, its benefits can evaporate even before it is fully implemented on site. Moreover, such solutions may not be fully vetted to work with the company’s control technologies, and can lead to complex, fragile architectures or even unanticipated downtime due to conflicts.

Common ground is critical

Regardless of tolerance for risk and desire to implement new technologies, OT teams can help support their cybersecurity investments using a few key strategies. First and foremost, every team should undergo a risk assessment to gain a clear picture of its cybersecurity posture, Alexandre explains,

“As part of a risk assessment, the OT team determines what types of protections they should be evaluating for their industrial control environment. This starts with defining the risk landscape. Knowing the current threats and common attack vectors is critical to developing effective protection strategies. In addition, the team must also identify what level of exposure is acceptable by the organization, and it must develop strategies and implement technologies to lower the risk surface to that level. “

In addition, any OT team, pioneer or pragmatist, should partner closely with their automation solutions provider to identify the best, most effective cybersecurity solutions for their unique operations environment. Both groups can benefit from consultation before a cybersecurity project to help identify potential problems, perform validation testing, and to set guardrails for any implementation.

Whether you’re a pragmatist or a pioneer, there are concrete steps you can take to not only better secure your environment, but also to ensure those new security layers don’t create additional headaches for OT staff. It’s never too early to start your cybersecurity journey!

Comments

Author

  • Emerson's Todd Walden
    Public Relations, Advertising & Social Media Consultant

Featured Expert

Follow Us

We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to stay up to date on the latest news, events and innovations that will help you face and solve your toughest challenges.

Do you want to reuse or translate content?

Just post a link to the entry and send us a quick note so we can share your work. Thank you very much.

Our Global Community

Emerson Exchange 365

The opinions expressed here are the personal opinions of the authors. Content published here is not read or approved by Emerson before it is posted and does not necessarily represent the views and opinions of Emerson.

Privacy Policy | Cookie Policy | Data Protection Statement

PHP Code Snippets Powered By : XYZScripts.com