Siemens stresses the need for a holistic approach to OT security at Cybersec Europe
It’s only fitting that a key industry player like Siemens takes part in Cybersec Europe. While many participating companies concentrate primarily on IT security, Siemens brings a distinct focus to the table: robust operational technology (OT) security. Koen Pauwelyn, head of Industrial Cybersecurity Services at Siemens Belgium, underscores the growing cyber risks manufacturing companies face in the OT domain. He emphasizes that although IT and OT systems are increasingly interconnected, securing them requires distinct approaches—each with its own challenges and priorities.
What are the most pressing cybersecurity threats today?
Koen Pauwelyn: Many manufacturers are grappling with challenges such as unplanned maintenance, unexpected downtime, a shrinking pool of experienced personnel, and limited resources. These issues are further exacerbated by inadequate compliance with OT security requirements. In fact, 61% of smart factories have experienced a cybersecurity incident, and manufacturing accounts for 33% of all cyberattacks.
Failing to prioritize OT security can have serious business consequences. A cyberattack that disrupts production can result in significant downtime, loss of output, and wasted defective products—leading to substantial financial loss. Intellectual property may be stolen and sold on the black market, damaging a company’s competitive edge and reputation. Delivery delays can cause orders to be canceled, further impacting customer trust and revenue. For all companies on their path to becoming a Digital Enterprise, the challenge is to optimally and securely handle their data at all times.
What cybersecurity trends are shaping the industry?
Koen Pauwelyn: We see that IT and OT are converging, allowing data to flow vertically from field devices and sensors to edge computing and the cloud. Applying IT and software development methodologies to the OT world and collecting, contextualizing, and leveraging OT data with IT mechanisms, makes modular, flexible, secure, and sustainable production a reality. However, while this growing connection between production networks and office networks has many benefits for industrial enterprises, such as digitalized processes and cross-company ecosystem collaboration, the risk of cyberthreats increases.
Unlike IT, operational technology (OT) security has only recently started gaining traction. Many manufacturing companies operate with outdated machinery that lacks the resilience needed to withstand today’s cybersecurity threats. While upgrades and retrofits are essential for strengthening defenses, they demand substantial time, specialized expertise, and financial resources—luxuries that are quickly running out. As IT environments become increasingly well-protected against sophisticated attacks, OT systems remain exposed. In response, organizations often turn to their IT teams for support. However, securing OT infrastructure requires specialized knowledge, tools, and approaches that traditional IT teams typically lack.
How does your organization address cybersecurity challenges and opportunities?
Koen Pauwelyn: Our goal for our customers is comprehensive protection—being “protected in every aspect.” This means combining deep industry and domain expertise with advanced cybersecurity knowledge. All our products are appropriately hardened ex works to avoid security vulnerabilities from the very start and to allow security settings to be configured or specified in the factory. We leverage insights gained from securing our own production facilities, sharing this experience with our customers and embedding it directly into our products and services. When cybersecurity is the goal, we’re committed to helping them achieve it—efficiently, effectively, and with confidence.
What is your approach to prevention, detection, and response?
Koen Pauwelyn: We offer our customers a comprehensive, end-to-end approach to industrial security—rooted in the practices we apply within our own production facilities and extending across a broad portfolio of hardware, software, and services (security consulting, implementation and optimization). At the heart of our strategy lies the multilayered “Defense in Depth” concept, which is strengthened even more by our Zero Trust principles, anchored by three essential pillars: plant security, network security, and system integrity. Together, these layers provide robust, up-to-date protection across all operational levels.
Our holistic approach enables early detection of threats and vulnerabilities, swift response to potential compromises, and long-term, sustainable security. Through continuous monitoring, we deliver maximum visibility into the cybersecurity posture of industrial environments—empowering plant operators with the insights needed for effective risk management and smart investment protection.
Why is Cybersec Europe an essential industry event?
Koen Pauwelyn: As industrial environments become increasingly connected, the urgency to close the OT security gap is growing. For many organizations, it’s still an emerging priority—one that demands immediate attention. That’s why we’re here: to raise awareness among businesses and IT leaders about the critical need to secure their operational infrastructure. Cybersec Europe provides an ideal platform to ignite these conversations. It’s also a valuable opportunity to connect with peers, exchange insights, and lay the groundwork for the next wave of innovation in OT security.
More information:
