In this episode, Craig Duckworth and Dino Busalachi discuss the critical but often overlooked or misunderstood role of system integrators (SIs) in industrial cybersecurity.

Key Issues Identified:

• Organizations typically work with multiple specialized integrators across different facilities and systems
• Some SIs lack cybersecurity expertise, focusing primarily on equipment functionality
• Equipment can remain connected to networks for decades, with ownership and oversight changing hands over time
• System integrators must exercise proper IT coordination to implement remote access solutions effectively

Recommendations:

• IT and OT teams should collaborate more closely with system integrators on cybersecurity planning
• Organizations need to evaluate their SIs' cybersecurity capabilities and partnerships
• Consider standardizing on integrators with demonstrated cybersecurity practices and vendor certifications
• Apply the same due diligence used for IT vendor selection to OT system integrators

Bottom Line: System integrators are essential partners in executing industrial cybersecurity strategies and protection. Organizations must actively engage them in security conversations and ensure they have the necessary skills and partnerships to implement secure solutions for their plant environments from the start.

Chapters:

• 00:00:00 - Real-World Ransomware Hits the Plant Floor
• 00:00:52 - Meet the System Integrators Shaping Your OT Plant Floor Security
• 00:01:17 - What System Integrators Really Do (and Don’t)
• 00:04:13 - Remote Access: The Hidden Backdoor Nobody Sees
• 00:08:34 - Why Ongoing Monitoring Is Non-Negotiable
• 00:13:30 - How to Pick the Right System Integrator For Your Operations
• 00:26:17 - Building Strong Partnerships with Your Integrators

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!