As industries race to embrace digital transformation, the boundary between information technology (IT) and operational technology (OT) continues to blur. This convergence unlocks new levels of efficiency, agility, and data-driven insight—but it also introduces a broader and more complex cyber-attack surface. Many legacy OT systems, originally designed for isolated environments, were never built with advanced connectivity or cyber risk in mind.
Recognizing the urgency of this shift, ABB hosted a high-impact roundtable at CS4CA APAC 2025 titled “Bridging IT-OT Security: Strategies for Cyber Convergence.” The session convened cyber security leaders, risk managers, and technology strategists from top industry leaders to explore how integrated governance, risk-based decision-making, and cross-functional collaboration can strengthen organizational resilience.
Why IT-OT convergence can’t be ignored
Today’s industrial environments are highly interconnected—from programmable logic controllers (PLCs) and edge devices to cloud platforms and enterprise systems. IT-OT convergence is key for enabling data driven decision making where OT system generates real time data from machines and processes and IT system provides the tools to analyse and visualize the data. Together they enable real time data sharing, automated decision making and streamlined operation leading to faster response time and reduced downtime.
While IT-OT convergence unlocks efficiency and real-time insight, it also raises new cyber security challenges that require a coordinated response.
The reality is clear: cyber threats no longer stop at the data center. Attackers are exploiting vulnerabilities at every level, including within physical systems. While convergence brings systems closer together, it also broadens the potential attack surface, making strong cyber security practices more critical than ever.
Securing OT environments is no longer optional — it’s essential to protect business continuity, safety, and national infrastructure.
To defend against this expanded risk landscape, ABB experts emphasized the importance of adopting a unified cyber security strategy—one that governs, secures, and responds across both IT and OT domains. A key focus was the need to align IT and OT governance under a shared enterprise risk management (ERM) framework. Traditionally, IT governance and compliance teams lack visibility into the operational nuances of OT environments. ABB highlighted the value of developing a common language and shared risk objectives to close these gaps. Cyber convergence is as much a cultural shift as a technical one—built on collaboration, mutual respect, and shared priorities. While IT focuses on confidentiality, integrity, and availability (CIA), OT prioritizes safety and reliability, making open dialogue essential.
Tackling the legacy OT challenge
Many OT systems in use today were designed long before the internet era. These legacy assets often lack basic cyber security features and can become highly vulnerable when integrated into modern digital infrastructure. A practical, risk-based approach to securing such environments was emphasized throughout the discussion, with ABB contributing insights based on its experience in industrial automation and operational technology.
This begins with implementing situational awareness tools capable of detecting unusual behavior and escalating threats in real time. Organizations should also deploy defense-in-depth strategies, including segmentation, strict firewall rules, and physical controls to contain risk. Importantly, companies must regularly assess their cyber posture, ensuring that security investments are aligned with business-critical assets and deliver optimal risk reduction per dollar spent.
Roundtable team emphasized the fact that key aspect of IT and OT integration include controlled data exchange, preservation of priorities and a sufficient resilience where convergence allow each domain to remain operational and secure even if the other is compromised. Team acknowledged that though converging IT and OT systems into a single environment amplifies risk but “Secure integration” not convergence should be the guiding principle particularly for industries where safety and reliability are paramount.
Rethinking threat intelligence and incident response
The roundtable emphasized that OT threats require different approaches than traditional IT threats. In One voice, team recognized and understood the distinctiveness of IT and OT Threat intelligence and challenges of incident response.
Speakers urged for industry practitioners to investing in OT-specific threat intelligence that can provide context-sensitive alerts and early warnings. Integrated IT-OT incident response frameworks were seen as vital to ensure collaboration and fast recovery during cyber incidents. Team also highlighted the importance of credible intelligence and cost-effective measure to enable it. The role of AI and need of cross training between IT and OT team helps in improving the overall ecosystem of incident response.
At the same time, the role of original equipment manufacturers (OEMs) was also called out as critical. ABB encouraged organizations to review vendor agreements to ensure their OT-specific incident support including relevant IT scope of work, clear escalation protocols and provisions for joint response during emergencies.
Cyber security is a team sport
Effective cyber security isn’t just about tech and tools, it’s about people. The roundtable discussed the importance of joint simulation and tabletop exercises that align IT, OT and external partners. These build trust, clarity in roles and improves real world readiness.
Ongoing training and awareness are critical. Tailored programs for IT and OT professionals help sustain long term resilience. ABB reiterated that cyber convergence is an ongoing journey, not a one time off fix and it demands strong leadership and an empowered workforce.
When it comes to capability building, a balanced strategy is key. ABB recommended blending in-house expertise with smart outsourcing to stay agile while maintaining control where it counts most.
Turning strategy into action
ABB also showcased its Cyber Security Workplace™, a unified platform designed for industrial cyber security. The solution enables customers to manage cyber risk through features such asasset inventory, threat detection, malware protection, system hardening, event monitoring, and incident response — all tailored for OT-specific challenges.
Part of ABB’s broader Ability™ Cyber Security solutions portfolio, the Cyber Security Workplace is built on the principles of defensible design, simplified security and deterministic data, helping customers stay ahead of threats and operate with confidence.
Securing the future, together
The message from ABB’s roundtable was clear: the future of industrial security depends on cyber convergence. As threats evolve, so too must the strategies to combat them. Secured IT-OT integration ensures digital operations remain protected, even in complex and highly regulated industrial environments. With deep domain expertise and tailored, industry-grade solutions, companies can confidently implement robust industrial safety frameworks aligned with unique sector needs.
Discover how ABB is helping industries outrun tomorrow’s threats at solutions.abb/cyber-security-services.
