Industrial Cybersecurity Insider

IT SOC vs OT SOC How & Why They’re Different


Listen Later

Craig and Dino tackle the critical differences between IT and OT Security Operations Centers, revealing why traditional IT-centric SOCs are failing to protect manufacturing environments.

Drawing from real-world examples, including a global beverage company that discovered they were only monitoring one-third of their OT assets, the hosts expose the fundamental disconnect between IT security teams and operational technology environments.

They discuss why IT SOCs struggle with OT visibility, the challenges of asset inventory in dynamic manufacturing environments, and the critical importance of localization in security operations.

The conversation covers practical barriers like line changeovers, PLC modifications, remote access vulnerabilities, and the need for OT-specific incident response protocols.

Craig and Dino emphasize that effective OT security requires IT teams to become embedded in plant operations, working collaboratively with OEMs and system integrators, and understanding the unique operational context of manufacturing assets.

This episode is essential listening for CISOs, plant managers, and security professionals trying to bridge the IT-OT security gap.

Chapters:

  1. (00:00:00) - The Two-Thirds Problem: When Your SOC Can't See Your Plant Floor
  2. (00:01:00) - The OT SOC Asset Visibility Problem: A Case Study
  3. (00:03:00) - Why IT SOCs Can't Manage OT Assets
  4. (00:05:00) - Line Changeovers and Operational Context
  5. (00:07:00) - First Responders and Incident Response Challenges
  6. (00:10:00) - The WannaCry Response Gap
  7. (00:12:00) - Asset Inventory and Baseline Challenges
  8. (00:15:00) - Incident Response and Phone Trees
  9. (00:17:00) - Organizational Accountability Problems
  10. (00:19:00) - Greenfield Opportunities and Standardization
  11. (00:22:00) - The IT-OT Collaboration Challenge
  12. (00:24:00) - Think Global, Act Local: Embedding IT in Plants

Links And Resources:

  1. Want to Sponsor an episode or be a Guest? Reach out here.
  2. Industrial Cybersecurity Insider on LinkedIn
  3. Cybersecurity & Digital Safety on LinkedIn
  4. BW Design Group Cybersecurity
  5. Dino Busalachi on LinkedIn
  6. Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

...more
View all episodesView all episodes
Download on the App Store

Industrial Cybersecurity InsiderBy Industrial Cybersecurity Insider