In August 2025, Jaguar Land Rover (JLR) was struck by a crippling cyberattack that forced a global shutdown of production at key plants. Why did this happen? BTW, this has not been resolved as I write this page. For decades, Operational Technology (OT) systems, including:
- The programmable logic controllers
- SCADA systems
- Industrial equipment
These systems keep factories running, water flowing, and power grids stable, and they have quietly powered the modern world. They were never designed to be connected, let alone to be secure.
Today, as digital transformation reaches the plant floor, this design assumption is breaking down. In my blog from 2 weeks ago, I mentioned that IT and OT are converging; this convergence is exposing vulnerabilities that have existed for years, and the results are alarming. Ransomware shutting down pipelines, attacks halting manufacturing lines, and geopolitical actors probing critical infrastructure are no longer theoretical risks; they are operational realities.
The result is a brittle structure in which a single compromised laptop or third-party VPN credential can give attackers a direct path into the control network. Once inside, they meet poor segmentation, low visibility, and limited detection capability. Perimeter defense has become a false sense of security.
History Repeats: The Lesson of Athens and Sparta
This overreliance on walls isn’t new. In ancient Greece, Athens was the greatest city-state of its time, wealthy, cultured, and protected by enormous walls. The Athenians believed those walls made them invincible. But when the enemy breached them during the Peloponnesian War, Athens quickly fell, not because its walls failed, but because its people were unprepared for internal defense.
Sparta, by contrast, had no big walls. Its defense wasn’t built on stone; it was built on discipline. Every citizen was a warrior. Every household was trained to defend itself. When conflict came, Sparta’s resilience came not from its perimeter, but from its people, training, and readiness.
In many ways, OT security today looks a lot like Athens: proud of its perimeter but hollow within. What we need is a Spartan mindset, in which every device, every connection, and every process is capable of defending itself.

The Ten Structural Challenges Holding OT Security Back
- Legacy Systems and Long Lifecycles: Many control systems run for 20-plus years and predate modern cybersecurity practices. Patching or replacing them risks downtime, an unacceptable outcome in safety-critical operations.
- Poor Asset Visibility: Most organizations cannot produce a real-time inventory of every PLC, HMI, and sensor connected to the network. You can't protect what you cannot see.
- Flat Network Architecture: OT environments often operate on flat Layer-2 networks where a single breach can move laterally without resistance.
- Weak Authentication and Access Control: Shared accounts, default passwords, and lack of MFA remain widespread because many devices simply don't support modern identity standards.
- Infrequent Patching: Even when vulnerabilities are known, patching requires planned outages, so critical systems stay unpatched for years.
- Unmonitored Third-Party Remote Access: Integrators, contractors, and vendors often have persistent remote access to control systems. These connections are rarely monitored or audited from start to finish.
- Cultural Divide Between IT and OT: OT teams prioritize uptime and safety; IT teams prioritize security and confidentiality. Without shared accountability, the gaps widen.
- Limited Logging and Monitoring: Many industrial devices either lack audit trails or use proprietary log formats that cannot integrate with enterprise SIEM tools.
- Insecure Protocols: Industrial communication standards, such as Modbus, DNP3, and BACnet, were designed for closed environments and continue to transmit data in plaintext.
- Physical Consequences: OT breaches don’t just cost data; they can destroy equipment, disrupt production, and put human safety at risk.
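The "Insecure Protocols" point above is easiest to see on the wire. The following is an added example, not code from the original post: it decodes constructed Modbus/TCP request frames (hand-built hex, not from a real capture), shows that the value being written to a register is readable in plaintext, and applies the one control the protocol leaves a defender, namely checking which hosts are allowed to issue write function codes. The IP addresses, the allowlist and the function names are assumptions made for the example.

```python
import struct
from dataclasses import dataclass

# Function codes that change controller state. Modbus carries no
# authentication, so the only control point is *which hosts* may send these.
WRITE_FUNCTIONS = {
    5: "Write Single Coil",
    6: "Write Single Register",
    15: "Write Multiple Coils",
    16: "Write Multiple Registers",
}


@dataclass
class ModbusRequest:
    transaction_id: int
    unit_id: int
    function_code: int
    address: int      # first coil/register the request touches
    data: bytes       # PDU bytes after the function code


def parse_modbus_tcp(frame: bytes) -> ModbusRequest:
    """Decode a Modbus/TCP request frame (7-byte MBAP header + PDU).

    Raises ValueError when header fields disagree with the bytes actually
    present, the cheapest malformed-traffic check a protocol-aware sensor makes.
    """
    if len(frame) < 10:
        raise ValueError("frame too short for MBAP header, function code and address")
    tid, proto_id, length, unit_id, fcode = struct.unpack(">HHHBB", frame[:8])
    if proto_id != 0:
        raise ValueError(f"unexpected protocol id {proto_id}")
    # 'length' counts the unit id plus the PDU, i.e. everything after byte 6.
    if length != len(frame) - 6:
        raise ValueError(f"length field {length} disagrees with {len(frame) - 6} bytes present")
    address = struct.unpack(">H", frame[8:10])[0]
    return ModbusRequest(tid, unit_id, fcode, address, frame[8:])


def written_value(req: ModbusRequest) -> int:
    """For Write Single Register (6) the value is the plaintext 16-bit word after the address."""
    if req.function_code != 6 or len(req.data) < 4:
        raise ValueError("not a Write Single Register request")
    return struct.unpack(">H", req.data[2:4])[0]


def audit_requests(events, write_allowlist):
    """events: iterable of (source_ip, frame). Returns (src, category, detail) findings."""
    findings = []
    for src, frame in events:
        try:
            req = parse_modbus_tcp(frame)
        except ValueError as err:
            findings.append((src, "malformed", str(err)))
            continue
        if req.function_code in WRITE_FUNCTIONS and src not in write_allowlist:
            detail = (f"{WRITE_FUNCTIONS[req.function_code]} to unit {req.unit_id} "
                      f"at address {req.address}")
            findings.append((src, "unauthorized-write", detail))
    return findings


# Constructed frames (hex written by hand for this example, not a real capture).
FRAME_READ_REGS = bytes.fromhex("000100000006 01 03 0000 000a")   # read 10 holding registers from 0
FRAME_WRITE_ONE = bytes.fromhex("000200000006 01 06 0010 01f4")   # write 500 to register 16
FRAME_WRITE_MANY = bytes.fromhex("00030000000b 01 10 0020 0002 04 0001 0002")  # 2 registers from 32
FRAME_TRUNCATED = bytes.fromhex("000400000006 01 03 00")          # header claims 6 bytes, only 3 follow

# Constructed observations (source address, frame). Only the assumed
# engineering workstation 10.30.0.22 is permitted to issue writes.
SAMPLE_EVENTS = [
    ("10.30.0.21", FRAME_READ_REGS),    # HMI polling: fine
    ("10.30.0.22", FRAME_WRITE_ONE),    # engineering workstation: allowed write
    ("172.16.5.44", FRAME_WRITE_MANY),  # contractor laptop: write from an unexpected host
    ("10.30.0.21", FRAME_TRUNCATED),    # malformed frame
]
WRITE_ALLOWLIST = {"10.30.0.22"}

if __name__ == "__main__":
    for src, category, detail in audit_requests(SAMPLE_EVENTS, WRITE_ALLOWLIST):
        print(f"{category:18} {src:12} {detail}")
```

Two things are worth noticing. The register value 500 is recovered straight from the frame bytes, which is what "transmit data in plaintext" means in practice; and the only way to tell a legitimate write from a hostile one is context (who sent it), which is why an asset inventory and a protocol-aware monitor belong together.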
Why the Perimeter Model Failed
Similar to the example of Athens, perimeter defense assumes that:
- Inside == trusted
- Outside == untrusted
But modern OT environments are hyperconnected ecosystems, blending IT, cloud, and third-party components. Trust boundaries dissolve the moment a technician plugs in a maintenance laptop or a vendor connects remotely.
Most OT systems have no internal defense once an attacker breaches the perimeter: no lateral segmentation, no endpoint telemetry, and no behavioral monitoring. This is why the mean time to detect (MTTD) an incident in OT is still measured in weeks, not hours.
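What "lateral segmentation" means in a network that is no longer flat can be expressed as a small policy: hosts belong to zones, and only declared conduits between zones may carry traffic. The following is an added example, not code from the original post. It evaluates constructed flow records against an assumed zone inventory and conduit table, and gives a host that is missing from the inventory its own verdict instead of silently trusting it. All addresses, zone names and ports are assumptions made for the example.

```python
from collections import Counter, namedtuple

Flow = namedtuple("Flow", "src dst dport proto")

# Constructed asset inventory: every known host and the zone it belongs to.
# A host missing from this map is the "can't protect what you can't see"
# problem; it gets its own verdict rather than being silently trusted.
INVENTORY = {
    "10.10.0.5": "enterprise",     # ERP server
    "10.20.0.10": "dmz",           # data historian
    "10.30.0.21": "supervisory",   # HMI
    "10.30.0.22": "supervisory",   # engineering workstation
    "10.40.0.101": "control",      # PLC
    "10.40.0.102": "control",      # PLC
}

# Permitted conduits between zones and the destination ports allowed on each.
# Anything not listed is denied; traffic that stays inside one zone is allowed.
CONDUITS = {
    ("enterprise", "dmz"): {443},
    ("dmz", "supervisory"): {443},
    ("supervisory", "control"): {502},   # Modbus/TCP from HMI/workstation to PLCs only
}


def evaluate_flow(flow, inventory=INVENTORY, conduits=CONDUITS):
    """Return (verdict, reason) for one flow under the zone/conduit policy."""
    src_zone, dst_zone = inventory.get(flow.src), inventory.get(flow.dst)
    if src_zone is None or dst_zone is None:
        unknown = flow.src if src_zone is None else flow.dst
        return "unknown-asset", f"{unknown} is not in the inventory"
    if src_zone == dst_zone:
        return "allowed", f"intra-zone traffic within {src_zone}"
    ports = conduits.get((src_zone, dst_zone))
    if ports is None:
        return "denied", f"no conduit from {src_zone} to {dst_zone}"
    if flow.dport not in ports:
        return "denied", f"port {flow.dport} not permitted on {src_zone}->{dst_zone}"
    return "allowed", f"{src_zone}->{dst_zone} conduit, port {flow.dport}"


def evaluate_flows(flows, inventory=INVENTORY, conduits=CONDUITS):
    return [(flow, *evaluate_flow(flow, inventory, conduits)) for flow in flows]


def summarize(results):
    """Count verdicts, the number a daily segmentation report would lead with."""
    return dict(Counter(verdict for _, verdict, _ in results))


# Constructed flow records for the example.
SAMPLE_FLOWS = [
    Flow("10.30.0.21", "10.40.0.101", 502, "tcp"),   # HMI -> PLC on Modbus: expected
    Flow("10.10.0.5", "10.40.0.101", 502, "tcp"),    # ERP server straight to a PLC: lateral movement
    Flow("10.30.0.22", "10.40.0.102", 22, "tcp"),    # SSH from workstation to PLC: wrong port for the conduit
    Flow("172.16.5.44", "10.40.0.101", 502, "tcp"),  # host nobody inventoried
    Flow("10.40.0.101", "10.40.0.102", 502, "tcp"),  # PLC to PLC inside the control zone
]

if __name__ == "__main__":
    for flow, verdict, reason in evaluate_flows(SAMPLE_FLOWS):
        print(f"{verdict:14} {flow.src:>12} -> {flow.dst}:{flow.dport}  {reason}")
    print(summarize(evaluate_flows(SAMPLE_FLOWS)))
```

On a flat Layer-2 network every one of these five flows simply succeeds; with the policy in place, the second and third are the ones a monitor should raise, and the fourth is an inventory gap to close before it becomes anything else.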
The Path Forward: From the Perimeter to Persistent Defense
Protecting OT now requires the same shift IT made years ago: from static controls to persistent, identity-driven, and behavior-aware defense.
| Legacy Approach | Modern Approach |
|---|---|
| Air-gapped assumption | Continuous visibility across all assets |
| Firewalls and DMZs | Zero-trust segmentation and identity enforcement |
| Reactive patching | Risk-based vulnerability management |
| Manual monitoring | Protocol-aware intrusion detection and anomaly analytics |
| Trusted internal network | Verification of every connection, every time |
| Focus on uptime only | Balance uptime, safety, and resilience |
This transformation won’t happen overnight. It requires modern asset intelligence, unified governance between IT and OT, and platforms that can analyze network behavior at scale without disrupting production.
AI and machine learning will play a growing role, identifying anomalies in process data, flagging deviations from normal control logic, and automating containment without stopping operations.
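"Identifying anomalies in process data" can start well short of a trained model. The following is an added example, not code from the original post: it runs two complementary checks over constructed tank-level readings, a statistical one (deviation from a learned baseline) and a physical one (a change larger than the process can produce between samples). The sensor series, the noise pattern and the 5-units-per-sample limit are assumptions made for the example; the point is that a sudden step trips the physical rule first while a slow drift is only caught by the baseline rule.

```python
import statistics


def baseline(values, train_n):
    """Mean and population std dev of the first train_n samples (the 'normal' window)."""
    window = values[:train_n]
    mean = statistics.fmean(window)
    std = statistics.pstdev(window)
    return mean, max(std, 1e-9)  # floor avoids division by zero on a perfectly flat signal


def zscore_alerts(values, train_n=20, k=3.0):
    """Indices after the training window whose deviation from the baseline exceeds k std devs."""
    mean, std = baseline(values, train_n)
    return [i for i in range(train_n, len(values)) if abs(values[i] - mean) > k * std]


def rate_alerts(values, max_delta):
    """Indices where the change from the previous sample exceeds what the process can physically do."""
    return [i for i in range(1, len(values)) if abs(values[i] - values[i - 1]) > max_delta]


def _noise(i):
    # Deterministic stand-in for sensor noise; cycles through -0.4, 0.0, +0.4, -0.2, +0.2
    return 0.2 * ((i * 7) % 5 - 2)


# Constructed tank-level series (percent). Normal operation holds about 50%.
STEP_CHANGE = ([50.0 + _noise(i) for i in range(30)]
               + [80.0 + _noise(i) for i in range(30, 40)])          # level jumps 30 points in one sample
SLOW_DRIFT = ([50.0 + _noise(i) for i in range(30)]
              + [50.0 + 0.5 * (i - 29) + _noise(i) for i in range(30, 40)])  # creeps up half a point per sample

MAX_LEVEL_CHANGE_PER_SAMPLE = 5.0  # assumed physical limit for this tank


def analyze(values, max_delta=MAX_LEVEL_CHANGE_PER_SAMPLE):
    """Return both alert lists so an operator sees which rule fired and when."""
    return {"rate": rate_alerts(values, max_delta), "zscore": zscore_alerts(values)}


if __name__ == "__main__":
    for name, series in (("step change", STEP_CHANGE), ("slow drift", SLOW_DRIFT)):
        print(name, analyze(series))
```

The rate rule fires only once on the step (at the sample where the jump happens) and never on the drift; the baseline rule flags every sample after the jump and picks up the drift two samples in. Neither rule stops the process; what happens after an alert is a containment decision the plant has to make deliberately, which is the "without stopping operations" part of the sentence above.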
Final Thoughts
Perimeter-led defense gave us a comfortable illusion of control. But as OT systems become digital citizens in a connected enterprise, we need to evolve. The future of OT security lies not in thicker walls but in smarter, adaptive layers of defense that continuously learn, verify, and respond.
We must be more like Sparta, resilient from within, not just protected from without.
As product leaders, our mission is clear:
- Visibility must be continuous.
- Trust must be earned.
- Security must be built-in, not bolted-on.
Only then can we bridge the gap between operational reliability and digital resilience and truly secure the systems that power our world.