From safety to cyber security: a cultural shift in Operational Technology protection

With the continuing convergence of IT and OT, the systems that manage critical infrastructure such as power grids, manufacturing plants and transportation systems are being increasingly targeted by cyber attacks. They are now exposed to the same digital threats that plague traditional IT systems. 

To protect OT environments effectively, we therefore need a significant cultural shift that mirrors the evolution of health and safety (H&S) practices in other industries over the past few decades.

The transformation from reactive safety measures to a proactive safety-first culture can serve as a powerful model for how we must approach OT cyber security today. We need to rethink how OT environments are secured, leveraging cutting-edge technology and fostering a culture that views cyber security as essential to operational integrity.

The evolution of safety culture: Lessons from history

Safety wasn’t always prioritised in industries such as manufacturing, construction and aviation. The aviation industry, in particular, was one of the first to recognise the importance of embedding safety as a core element of its operations. In the early 20th century, aviation was a perilous endeavour, with crashes often attributed to pilot error, poor engineering, or lack of proper maintenance protocols. One turning point came in 1931 when the crash of a Fokker F-10 passenger plane, caused by structural failure, highlighted the need for standardised safety measures. This tragedy spurred the introduction of systematic safety checks, engineering standards and pilot training programs.

Over the following decades, the development of safety engineering practices including regular safety risk assessments and extensive employee training helped the aviation industry to dramatically reduced incidents, making air travel one of the safest modes of transport.

These practices became widespread across other industries. Regulations such as the Health and Safety at Work Act (UK) and the establishment of OSHA (US) in the 1970s compelled industries to formalise their approach to safety, turning it from an afterthought into an operational cornerstone. Risk assessments, hazard mitigation, and a safety-conscious workforce became standard. Today, safety is deeply ingrained in organisational cultures and most employees, regardless of industry, are familiar with health and safety protocols.

This cultural transformation didn’t happen overnight. It was driven by a combination of leadership commitment, regulatory pressure, and a growing awareness that safety isn’t just the responsibility of a few – it’s everyone’s job. This cultural shift dramatically reduced accidents and set a new standard for operational integrity.

OT cyber security: Learning lessons from safety engineering

Today’s OT systems are facing a cyber security challenge similar to the safety challenge other critical industries once faced. More than ever, they are vulnerable to cyber attacks that can have severe consequences – such as shutting down critical infrastructure or causing operational failures – which means neglecting cyber security is no longer an option.

Much like the safety movement of the past, we need a proactive, security-first approach for OT environments. This means moving away from reactive responses to cyber security incidents and embedding security practices into the core operations of OT systems, just as safety was integrated into industrial workflows decades ago.

The lessons learned from safety engineering provide a clear roadmap for how we can strengthen OT cyber security. Safety practices, such as risk assessments and hazard prevention, can directly inform how we approach security in OT environments. The following parallels can guide this cultural transformation:

• Risk management and threat assessment: Just as health & safety risk assessments became standard across industries, OT environments must adopt structured cyber risk assessments. Every device, from Supervisory Control and Data Acquisition (SCADA) systems to PLCs (Programmable Logic Controllers), should be evaluated for vulnerabilities. Organisations must be able to anticipate cyber threats and act pre-emptively, just as they would for physical hazards.
• Regulations and standards: The safety movement gained momentum with the introduction of safety regulations. Similarly, cyber security regulations like NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) and the NIS Directive (Network and Information Systems Directive) in the EU have set the groundwork for enforcing cyber security measures in OT. 
• Cultural awareness and training: Safety was only integrated into industrial operations because employees at all levels were trained to recognise and mitigate hazards. A similar approach is necessary for OT cyber security. Operators, engineers and executives need to be aware of cyber risks, while cyber security training must become as routine as safety drills. Employees must view cyber security as part of their everyday responsibilities.

Case study: CHERI and secure OT systems

One of the most significant innovations in addressing OT cyber security vulnerabilities is CHERI (Capability Hardware Enhanced RISC Instructions). CHERI introduces hardware-level memory protection to reduce vulnerabilities like buffer overflows and memory corruption, which are common attack vectors in OT systems. It could potentially act as a force-multiplier alongside memory safe programming languages, satisfying the defence-in-depth principle of a secure-by-design approach to system architecture.

CHERI’s capabilities mirror the proactive safety measures in safety engineering. It provides fine-grained memory control to ensure that even if a system is compromised, the damage is contained. By incorporating hardware-based protections, CHERI represents a proactive approach to security, preventing vulnerabilities before they can be exploited.

In OT environments, where systems often rely on legacy software and hardware that were never designed with cyber security in mind, CHERI can play a crucial role in future-proofing infrastructure. By integrating these advanced hardware solutions, organisations can reduce the risks associated with aging OT systems and build more resilient environments.

In 2020, Microsoft noted that CHERI would mitigate around 70% of overall security bugs discovered in the last decade (i.e. vulnerabilities related to memory safety).

Building a proactive cyber security culture in OT

Just as safety culture became universal across industries, cyber security culture must now become an integral part of OT environments. The following steps are key to driving this transformation:

• Leadership commitment: Senior leadership must prioritise OT cyber security as a critical aspect of operational integrity. This involves committing resources, setting organisational goals around cyber security and leading by example.
• Cross-disciplinary collaboration: Cyber security teams and OT engineers must work closely together to ensure that security measures don’t interfere with operational efficiency. This collaborative approach mirrors how safety engineers worked with operational teams to integrate safety into daily workflows.
• Continuous monitoring and adaptation: Cyber threats are constantly evolving. OT environments must adopt continuous monitoring solutions that can detect and respond to potential threats in real time. Just as safety regulations and standards evolve, so too must cyber security practices adapt to emerging risks.

The historical evolution of safety culture offers a powerful framework for how OT cyber security must evolve. Just as safety became non-negotiable in industries like aviation and manufacturing, cyber security must now be embedded into the operational culture of OT environments.

By learning from the past and adopting modern solutions like CHERI, organisations can build a future where OT systems are not only operationally efficient and safe but also secure from digital threats. This cultural shift is not just necessary – it is essential for the continued resilience and safety of critical infrastructure in an increasingly digital world.