Governance & Risk Management , Operational Technology (OT) , Security Awareness Programs & Computer-Based Training

Bridging the IT-OT Cultural Gap

Lorena Nunes of Braskem on Overcoming Cultural Gaps in Industrial Cybersecurity
Lorena Nunes, industrial cybersecurity specialist, Braskem

Business leaders often consider culture a soft topic, but this can create a divide between the IT and OT departments, leading to significant challenges for industrial cybersecurity. Bridging this cultural gap requires understanding and addressing unique operational needs, said Lorena Nunes, industrial cybersecurity specialist at Braskem.

See Also: The CISO Playbook for Cloud Security

Even though culture is a theory, organizations "see it on a day-to-day basis and behavior" that can affect cybersecurity, she said, adding that building a strong cybersecurity culture requires support from both leadership and rank-and-file employees. Nunes highlighted how operational continuity often conflicts with cybersecurity measures, making cultural integration essential.

"When you get cases that are in the industry,= where someone, for instance, used the same password they had for Facebook … we will see that a Colonial Pipeline type of incident can happen due to bad culture on the industrial side," she said. "When you start showing this type of graph, that's when the leadership says, 'I better start implementing this from the ground.'"

In this video interview with Information Security Media Group at the Cyber Security for Critical Assets USA Summit in Houston, Nunes also discussed:

  • The combination of technical and relational skills needed to promote cybersecurity culture within industrial settings;
  • Strategies to convince business leaders that tackling cultural issues is imperative for their success;
  • Going back to basics to identify cultural gaps in an organization.

Nunes is a cybersecurity expert with more than 15 years of experience in the engineering of automation projects. She focuses on instruments, SCADA systems and automation network integration.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.