
Operation Technology Managed Services

Manage IT security for Industrial Systems


One of the most effective solutions for protecting the security of an IT system is entrusting its management to specialized companies, or to dedicated teams highly qualified in data and systems security. This need has become particularly clear in recent years, when the number and sophistication of cyber attacks have increased exponentially.

But a new element is revolutionizing the world of IT security: the rapid integration of industrial IT systems (OT, Operational Technology) with traditional IT. Is it also possible to adopt the same solution for IT systems in the industrial sector?

OT security is a serious problem

OT systems have always been (silently) present in the world of IT, given that microprocessors revolutionized industrial automation as far back as the 1970s. Nevertheless, the specific nature of these systems, both from a hardware and software point of view, led the OT and IT sectors down rather different paths until the start of the last decade. At that time, the progressive miniaturization of processors, and therefore the availability of low-cost (industrial) PCs, began to usher elements of similarity with the world of IT into the factory environment. The progressive assimilation of the two worlds sped up when companies began to understand the advantages of vertical integration of the OT systems with the IT component, facilitated by the universal spread of TCP/IP networks and the adoption of the MS Windows platform even for the supervision systems of industrial systems.

Unfortunately, the integration of the two worlds gradually eliminated the technical as well as physical isolation which had always protected OT systems from computer hackers (at least from external ones). This new situation began to worsen in the last decade, even though isolated incidents had been documented long before (linked primarily to ultra-sophisticated attacks carried out by government bodies on critical infrastructure of enemy nations, for example Stuxnet).

Awareness of the new scenario has come only recently, and unfortunately it took very serious attacks on essential infrastructure to finally bring the new frontiers of cyber security into focus.


The slow response of the “defenders” against these new threats has also been due to the very specific scenario represented by the industrial sector.

For example, in the IT sector there are now relatively few platforms to protect (Microsoft, Linux/Unix, Apple, a few hypervisor systems and the cloud platforms), while in the industrial sector there are dozens of proprietary systems, often developed and maintained by a myriad of specialized companies. Even the OT network systems, at the lowest levels, are completely different from Ethernet networks. Finally, we must not forget that the security paradigm of OT systems is guided above all by the need to guarantee the safety and availability of the systems and operators, rather than the data privacy which is the priority of “traditional” IT systems.

In order to protect against these new threats, companies (and governments, seeing as the OT systems now manage a large majority of critical infrastructure, such as energy, water and food distribution, transport etc.) are adopting a strategic approach featuring two lines of action.

First of all, an architectural approach: re-establishing levels of separation between the OT systems, their IT counterparts, and the Internet, creating once again multiple layers of segregation between the various zones of the factory/production system. Obviously this separation must still allow communication between the systems in order to protect the investments in vertical integration.

The second element consists of the targeted insertion of some defensive technologies adapted from the world of IT security, in particular threat-monitoring systems, supplemented with machine learning-based behavioral analysis solutions and methods for early analysis of attacks.

Why choose a Hybrid SOC and a Managed Security Service?

The adoption of threat-monitoring systems for OT networks has therefore become the primary tool for defending OT systems. Nevertheless, these solutions inevitably require the use of highly trained personnel, both in terms of their knowledge of industrial protocols and of the attack methods used. Finally, monitoring of systems which are operational 24/7 obviously requires the continuous presence of a human component. This also applies to incident management, which requires extremely short reaction times and awareness of the possible consequences of an attack in such delicate environments.

Currently, these characteristics are only available in the most advanced and complete Security Operation Centers (Hybrid SOCs), which can indeed offer the following features:

  • Availability of teams of IT and OT analysts working side by side 24/7
  • Level 2 and 3 resources with high-level vertical skillsets in industrial systems and specific defensive tools for OT systems
  • Specialist training and high levels of operational readiness through a Cyber-Range with frequent attack simulations
  • Combined monitoring capacity both for the systems, and the IT and OT protocols
  • Mastery of technologies for the analysis, correlation and summary of data from both sectors
  • Access to extensive intelligence both in terms of threats and early analysis of the offensive actions

Very few private companies can afford to make investments of this type. It is for this reason that the offering of a Managed Security Service with these characteristics can be the most effective choice in guaranteeing a high level of security in relation to this type of infrastructure.


Conclusions

The challenge in protecting critical infrastructure and OT systems is one of the most serious current aspects of cybersecurity.

Until there is a radical improvement “by-design” of the security of OT systems, the most modern and effective response to these threats consists of an efficient combination of trained personnel and cutting-edge technology within a Managed Security Service.

Contact Lutech’s Advisory team >
