Sign up to save your podcasts
Or
Share The Patching Gap Putting Industrial Operations at Risk: IT vs OT
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Patching Gap Putting Industrial Operations at Risk: IT vs OT
Craig and Dino tackle one of industrial cybersecurity's most critical challenges in this Rewind episode: the massive gap between IT and OT patching strategies.
IT organizations patch constantly—think Patch Tuesday. OT environments rarely patch at all, creating dangerous vulnerability gaps across connected networks.
The hosts explore why this disconnect exists. Production floor downtime costs are astronomical, making patching a risky business decision.
OEM restrictions complicate matters further. Many vendors won't support systems or warranties after unauthorized updates.
Managing decades-old equipment alongside modern systems creates another layer of complexity. Legacy PLCs weren't designed with patching in mind.
The consequences of not patching are mounting. Insurance companies are tightening requirements and regulatory pressures are intensifying.
Craig and Dino offer practical solutions that don't require shutting down production lines. Virtual patching technologies can protect legacy control systems without traditional software updates.
The hosts emphasize the urgent need for IT-OT collaboration. All stakeholders—including OEMs and system integrators—must be part of strategic cybersecurity conversations.
This episode is essential listening for CISOs, plant managers, and anyone responsible for protecting industrial operations. The connected world isn't waiting for OT to catch up.
Chapters:
- 00:00:00 - Introduction to Patching Challenges
- 00:01:08 - IT vs OT Patching: Key Differences
- 00:02:55 - Understanding the Cost of Downtime in OT
- 00:03:32 - Overcoming Challenges with Legacy Systems
- 00:05:21 - Navigating OEMs and Safety Concerns
- 00:06:45 - The Role of Safety in OT Patching
- 00:08:52 - Exploring Virtual Patching Solutions
- 00:13:11 - Enhancing Vendor Collaboration and Risk Management
- 00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity
- 00:18:33 - Addressing Insurance and Compliance Issues
- 00:20:12 - Significant Consequences of Not Patching
- 00:23:14 - Building an Effective Collaborative Cybersecurity Strategy
- 00:24:03 - Conclusion and Actionable Insights
Links And Resources:
- Want to Sponsor an episode or be a Guest? Reach out here.
- Industrial Cybersecurity Insider on LinkedIn
- Cybersecurity & Digital Safety on LinkedIn
- BW Design Group Cybersecurity
- Dino Busalachi on LinkedIn
- Craig Duckworth on LinkedIn
Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
View all episodes
By Industrial Cybersecurity InsiderCraig and Dino tackle one of industrial cybersecurity's most critical challenges in this Rewind episode: the massive gap between IT and OT patching strategies.
IT organizations patch constantly—think Patch Tuesday. OT environments rarely patch at all, creating dangerous vulnerability gaps across connected networks.
The hosts explore why this disconnect exists. Production floor downtime costs are astronomical, making patching a risky business decision.
OEM restrictions complicate matters further. Many vendors won't support systems or warranties after unauthorized updates.
Managing decades-old equipment alongside modern systems creates another layer of complexity. Legacy PLCs weren't designed with patching in mind.
The consequences of not patching are mounting. Insurance companies are tightening requirements and regulatory pressures are intensifying.
Craig and Dino offer practical solutions that don't require shutting down production lines. Virtual patching technologies can protect legacy control systems without traditional software updates.
The hosts emphasize the urgent need for IT-OT collaboration. All stakeholders—including OEMs and system integrators—must be part of strategic cybersecurity conversations.
This episode is essential listening for CISOs, plant managers, and anyone responsible for protecting industrial operations. The connected world isn't waiting for OT to catch up.
Chapters:
- 00:00:00 - Introduction to Patching Challenges
- 00:01:08 - IT vs OT Patching: Key Differences
- 00:02:55 - Understanding the Cost of Downtime in OT
- 00:03:32 - Overcoming Challenges with Legacy Systems
- 00:05:21 - Navigating OEMs and Safety Concerns
- 00:06:45 - The Role of Safety in OT Patching
- 00:08:52 - Exploring Virtual Patching Solutions
- 00:13:11 - Enhancing Vendor Collaboration and Risk Management
- 00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity
- 00:18:33 - Addressing Insurance and Compliance Issues
- 00:20:12 - Significant Consequences of Not Patching
- 00:23:14 - Building an Effective Collaborative Cybersecurity Strategy
- 00:24:03 - Conclusion and Actionable Insights
Links And Resources:
- Want to Sponsor an episode or be a Guest? Reach out here.
- Industrial Cybersecurity Insider on LinkedIn
- Cybersecurity & Digital Safety on LinkedIn
- BW Design Group Cybersecurity
- Dino Busalachi on LinkedIn
- Craig Duckworth on LinkedIn
Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!