Securing the Factory Floor: A Conversation with Cybersecurity Expert Rob Larsen
As the manufacturing sector rapidly embraces digital transformation and integrates advanced technologies, the security of operational technology (OT) environments has become paramount. To gain insights into this evolving landscape, Smart Industry spoke with Rob Larsen, a cybersecurity advisor at Silverfort, a Tel Aviv, Israel-based cybersecurity and software company. Boasting 35 years of experience, Larsen recently concluded a tenure at General Motors, where he served as Director and Chief Security Architect.
Larsen began his career in the U.S. Treasury Department, later moving to NASA’s Mission Operations Directorate.
During his time at GM, Larsen was responsible for establishing the global enterprise security architecture, including implementing a zero-trust strategy. Prior to that, he was a special agent with the U.S. Treasury Department before transitioning to NASA’s Mission Operations Directorate as a security engineer and manager.
Smart Industry: How is the convergence of OT reshaping cybersecurity strategies in manufacturing, and what role does identity security play in this transformation?
Rob Larsen: The convergence of IT and OT is expanding the manufacturing attack surface. Identity protection is becoming a critical component in securing manufacturing environments. If organizations fail to protect identities, a chain reaction begins — with an identity being the first domino to fall in any breach. Every account, whether for a human user, a privileged administrator, or an OT system, needs a robust identity protection strategy.
OT systems often rely on legacy infrastructure, shared credentials, and machine-to-machine communication, making identity security especially challenging compared to traditional IT environments. Cyber attackers are focusing on exploiting identity-based vulnerabilities, to move laterally between IT and OT systems, compromise critical systems and directories, and launch ransomware attacks. To minimize risks, manufacturers must prioritize identity protection strategies, embrace zero-trust principles, understand the devices present in their facilities, carefully manage network ingress/egress connections, and continuously monitor for suspicious behavior. In today’s world, identity is where every attack begins. For manufacturers navigating OT-IT convergence, addressing identity protection is not just recommended but essential.
Smart Industry: With manufacturing becoming one of the most targeted industries for cyberattacks, what makes it such an attractive target?
Rob Larsen: Manufacturing faces relentless threats from cybercriminals. The sector’s attractiveness lies in its combination of high-value data, critical operational processes, older, often less secure systems, and often outdated or insufficient security measures. As a result, manufacturers frequently fall victim to ransomware, data breaches, and various other cyber threats, each with potentially devastating consequences. A key driver for the recent surge in attacks is the industry’s low tolerance for downtime; even brief disruptions can lead to massive financial loss, reputation damage, and a decline in customer trust. Many manufacturing operations rely on a seamless flow of production. Cybercriminals understand that halting or tampering with this flow offers powerful leverage, especially in ransomware attacks.
Smart Industry: As manufacturers adopt IoT and AI to enhance operational efficiency, what security challenges arise, and how can they be addressed effectively?
Rob Larsen: Manufacturers integrating OT and AI to streamline operations will continue to face traditional cybersecurity challenges like sensitive data exfiltration, attacks, and ransomware infections. Integrating AI into an OT strategy has its benefits and risks. While AI can accelerate threat detection and response and help to harmonize protection and security measures, AI itself can also be an attack vector. To mitigate AI risks, organizations need to:
- Implement Explainable AI (XAI) to ensure decision transparency and test against standard and non-standard use cases prior to implementation.
- Regularly perform AI model audits to detect and correct biases, and identify anomalies and logic conflicts.
- Integrate cybersecurity measures like monitoring and AI threat detection into existing incident response processes.
- Develop comprehensive testing to ensure determined expected results.
- Develop AI governance policies and practices to set appropriate expectations with internal teams, regulators, and vendors.
- Establish robust change and configuration management to ensure the authenticity, integrity, and software provenance of AI.
AI can be a powerful addition to OT security, but only when deployed thoughtfully, with clear oversight, rigorous testing, and robust security measures to reduce risks, protect sensitive data.
Smart Industry: What factors are driving the increased focus on OT security, and how should manufacturers prioritize their efforts to stay ahead of threats?
Rob Larsen: Several factors are driving the increased focus on OT security. The rising frequency and cost of cyberattacks, and growing regulatory pressures that mandate manufacturers to secure their OT environments require attention. As a first step, manufacturers should have complete visibility of OT devices, identify vulnerable legacy systems, fully understand network ingress and egress points, and implement identity-based security controls.
Basic security hygiene practices such as regular patching, OT device security, incident response integration, penetration testing, and rapid response to detected vulnerabilities, are key as they raise the degree of difficulty it takes to compromise the environment. Applying zero-trust principles across IT and OT systems will also help minimize risk. This includes implementing multifactor authentication (MFA) across all access points, enforcing least-privilege access for users and machines, and continuously monitoring for anomalous activity.
Smart Industry: You mentioned that a common issue in manufacturing security is the communication gap between mechanical engineers, IT, and security teams. Can you expand on that more? How can organizations bridge this gap?
Rob Larsen: Bridging the gap between mechanical engineers, IT, and cybersecurity teams is crucial for securing manufacturing environments. Historically, these teams have operated in silos, each with different priorities and missions, which often results in organizational friction, and inefficiencies in security planning. To break down these walls, security teams need to understand the roles and responsibilities of each group. Leadership should align on a shared security vision and strategy and promote collaboration across all teams. Regular cross-team meetings, joint roadmap planning, and collaborative product testing should become standard practice. At General Motors, I witnessed firsthand the value of understanding the work, challenges, priorities, and schedules of the manufacturing engineering and IT teams. The give-back model is incredibly effective in this context. Prioritizing the needs of others helps build goodwill and, fostering partnerships when security challenges arise. A well-aligned security strategy isn’t just about reducing friction; it directly strengthens manufacturing resilience. Embedded security into operational processes helps manufacturers mitigate cyber risks effectively, minimize downtime, and ensure continuous production, even during an attack.
