
OT Cybersecurity Risk Management: Lessons from World-Class Sports

In the high-stakes world of Operational Technology (OT) cybersecurity, risk management has never been more critical. As the lines between Information Technology (IT) and OT continue to blur, securing critical infrastructure and industrial systems demands a unique approach. OT systems, unlike traditional IT networks, control physical processes in industries such as manufacturing, energy and transportation. A security breach in these environments could have devastating consequences, from halting production to causing environmental disasters. 

As we explore strategies for OT cybersecurity risk management, we can draw unexpected yet insightful parallels to world-class sports—specifically, the World Series in baseball, the America’s Cup in sailing, and the World Track Cycling Championships. These events highlight the importance of teamwork, real-time decision-making and precise risk management—skills that are essential in both sports and OT cybersecurity. 

 

Understanding OT Cybersecurity Risks 

Before delving into the sports analogies, it’s important to understand why OT cybersecurity is particularly challenging. OT environments were traditionally isolated and purpose-built, designed with availability and safety as priorities. Security was often an afterthought. However, digital transformation and the integration of OT and IT systems have exposed OT environments to new vulnerabilities. For example: 

  • Legacy Systems: Many OT systems are outdated and not designed to handle modern cybersecurity threats.

  • Limited Patching: Due to the need for constant uptime, patching OT systems is often impractical, leaving them vulnerable to exploits.

  • Increased Attack Surface: The convergence of OT and IT systems and the rise of IoT devices have expanded the potential entry points for cyberattacks.

  • Critical Nature of Operations: Compromising OT systems could lead to operational downtime, safety hazards or even environmental disasters. 

The consequences of failing to protect OT systems can be devastating, as demonstrated by recent high-profile attacks on critical infrastructure, including power grids, pipelines and water treatment facilities. So, how can organizations manage these risks effectively? 

 

OT Cybersecurity Lessons from Baseball: The World Series 

In the World Series, strategy and preparation play a huge role. Teams invest countless hours in analyzing opponents, reviewing past games and preparing for every scenario. Success hinges not just on talent but also on how well teams understand and anticipate risks, adjusting their strategy based on real-time feedback. 

Similarly, in OT cybersecurity, preparation is everything. Conducting thorough risk assessments is akin to a baseball team reviewing scouting reports. Organizations must: 

  • Identify potential vulnerabilities: Know where the weak points are in your OT environment, just as a baseball team identifies the weak spots in an opponent’s lineup.

  • Develop a strategy: Have a proactive approach to cybersecurity—whether through segmentation, patch management or the implementation of intrusion detection systems (IDS). These strategies mirror a baseball team’s game plan, designed to neutralize threats before they escalate.

  • Test regularly: Just as baseball teams run drills, OT cybersecurity professionals must routinely test their systems through vulnerability assessments and penetration testing to ensure that their defense can hold up under pressure. 

In baseball, in-game adjustments are crucial. The same is true for OT cybersecurity. Monitoring systems in real time and having incident response plans in place are critical for adjusting to new threats as they emerge.

 

Sailing into Uncharted Waters: The America’s Cup and OT Resilience 

The America’s Cup, the world’s premier sailing competition, is a high-risk, high-reward endeavor. Sailors face unpredictable conditions—shifting winds, changing currents and sudden weather changes. They must be prepared to adapt instantly, knowing that every decision made on the water carries immediate and sometimes life-threatening consequences. 

In OT environments, the risks are just as unpredictable. Whether it's a sudden system failure or a targeted cyberattack, the ability to navigate uncertainty is crucial for maintaining operational resilience. From sailing, we can learn key lessons in real-time decision-making and system adaptability: 

  • Situational awareness: Just as a sailor must constantly monitor wind, water and weather conditions, OT operators must maintain a comprehensive view of their environment. Continuous monitoring through real-time analytics and network visibility tools enables organizations to detect anomalies and respond before they escalate into full-blown incidents.

  • Redundancy and backup systems: In sailing, if one system fails, a backup must be in place to avoid disaster. Similarly, OT environments must be designed with redundancy in mind. Critical operations should have failover systems that ensure continuity, even in the event of a cyber incident or component failure.

  • Rapid response under pressure: Sailors need to make split-second decisions to avoid hazards. OT operators should have well-rehearsed incident response plans that enable them to react swiftly in the event of a security breach, ensuring minimal disruption to operations. 

Both the America’s Cup and OT cybersecurity share one fundamental truth: the environment is unpredictable and success requires the ability to adapt swiftly without compromising safety. 

 

Pedaling Forward: Precision and Endurance in the World Track Cycling Championships 

Track cycling is a sport that combines speed, precision and endurance. Cyclists must balance the need for raw power with the finesse required to maintain control on a high-speed track, all while being part of a tightly knit team. In OT cybersecurity, this need for balance and coordination is paramount. 

1. Continuous Improvement: Just as a cyclist constantly trains to optimize their performance, OT systems need continuous improvement. Regular updates to cybersecurity policies, employee training and system upgrades are essential to staying ahead of evolving threats. 

2. Team Coordination: Track cycling is often a team sport, where success depends on how well teammates work together, sharing information and adjusting strategy mid-race. Similarly, OT cybersecurity is not just the responsibility of the IT team—it requires coordination between engineers, operators and security professionals. A siloed approach to OT and IT security increases risk. Collaboration across departments ensures that vulnerabilities are identified and addressed holistically. 

3. Balancing Speed and Control: In cycling, going fast is important, but losing control can lead to a crash. In OT, embracing digital transformation without compromising security is the equivalent balancing act. The push for increased automation, data-driven insights and IoT devices must be tempered with robust security measures to ensure that new technologies don’t open the door to new threats. 

 

Bringing It All Together

The complexity of OT cybersecurity risk management can be daunting. However, by drawing lessons from world-class sports, we gain valuable insights into how to manage risk effectively. Whether it’s the strategic preparation of the World Series, the resilience of the America’s Cup or the precision and endurance of the World Track Cycling Championships, the parallels between these sports and OT cybersecurity are striking. 

In both arenas, success is not guaranteed by talent alone; it requires preparation, teamwork, adaptability and continuous improvement. In OT cybersecurity, just like in sports, the margin for error is slim, but with the right approach, the odds of victory—or in this case, operational resilience—can be greatly improved. 

By applying these principles, organizations can not only defend against today’s threats but also build a resilient OT environment capable of withstanding whatever challenges the future may bring. 

About the Author

Syed M. Belal is Director of Cybersecurity Consulting for Hexagon’s Asset Lifecycle Intelligence division. Syed has more than 15 years of experience in industrial control systems and operational technology spanning industrial automation, SCADA, control, and safety systems applications used in critical infrastructure. He holds a B.S. in Electrical Engineering and a minor in Computer Engineering from the American University of Sharjah in the UAE and an M.B.A. in Business Strategy from the University of Strathclyde in the United Kingdom as well as many industry certifications, including CISSP®, CISA®, and CISM®.
