Shawn Anderson's Cyber Blog

Cloud, Assurance, Forensics, Engineering

Tag: IoT

Cybersecurity and convergence of IT/IoT/OT environments – It is time!

April 15, 2025 / / 0 Comments

The convergence of Information Technology (IT), the Internet of Things (IoT), and Operational Technology (OT) is reshaping industries, yet OT remains deeply rooted in its on-premises heritage. Industry trends estimate that 80-90% of OT systems are still managed locally, reflecting a historical preference for air-gapped or minimally connected setups to ensure uninterrupted operations in critical infrastructure. A prime example is the Programmable Logic Controller (PLC), a rugged industrial computer that automates processes like running assembly lines in manufacturing, regulating power grids in energy, or controlling water treatment in utilities. PLCs, with lifecycles often spanning 20-30 years, are built for reliability but rarely designed for cloud connectivity, anchoring many OT environments to legacy systems.

Thes systems are often incompatible with cloud connectivity. Recent market analyses highlight a slow but growing shift toward hybrid and cloud-based solutions, with cloud adoption in OT security and management projected to rise significantly—though it still lags on-premises dominance. This hesitancy stems from concerns over latency, cybersecurity risks, and regulatory compliance, particularly in sectors where downtime or breaches could have catastrophic consequences.

For CISOs, CIOs, and CTOs, navigating this transition is a strategic imperative. In this blog, we’ll explore four key points to help technology leaders prepare for this convergence and embrace a future-ready approach. During my three plus years at Boston Meridian we have come across a lot of exciting companies working in OT and helping to bridge the gap. The main topic of discussion coming up seems to be that of “active” vs “passive” or agent vs agentless based solutions. This is a tricky world to navigate because of the legacy of OT systems and the fact many of these operational systems are shifting over to the technical and security teams for monitoring. This requires architecture discussions and how to adopt new and emerging technologies for OT.

  1. The On-Premises OT Landscape and Emerging Cloud Adoption
    With 80-90% of OT systems still on-premises, industries prioritizing control—like manufacturing with its PLCs and SCADA, or energy with its grid management—favor localized setups to mitigate risks. However, IoT integration is nudging these sectors toward hybrid models, where cloud solutions enhance monitoring and analytics while preserving on-premises stability. Understanding this shift’s pace is critical for aligning with industry-specific needs.
  2. Why Hybrid Environments Are the Sweet Spot
    A hybrid approach blends on-premises reliability with cloud flexibility, delivering tailored benefits across OT-reliant sectors. It enables real-time insights and predictive maintenance—think centralized oversight for utilities or optimized logistics in transportation—all while maintaining security. This balance is especially appealing for industries like manufacturing and energy, where legacy systems must coexist with modern demands.
  3. Strategic Choices: Cloud, On-Premises, or a Blend?
    The path forward varies by industry. Staying on-premises offers control, crucial for oil and gas pipelines or healthcare’s smart systems, but limits scalability. Full cloud adoption suits data-driven monitoring in logistics yet risks latency in time-sensitive OT processes. A hybrid model often strikes the right chord—cloud analytics for non-critical workloads paired with local control for mission-critical operations—allowing leaders to tailor strategies to their sector’s realities.
  4. Leveraging AI, ML, and Vulnerability Analysis as the Convergence Catalyst
    Artificial Intelligence (AI) and Machine Learning (ML) transform raw data from IoT, IT, and OT systems into actionable intelligence, revolutionizing both architecture design and monitoring. In architecture design, AI-driven simulations help leaders model resilient hybrid environments, optimizing data flows between on-premises OT and cloud-based IT systems.

For example, in manufacturing, AI can predict how IoT sensors integrate with legacy PLCs, ensuring low-latency performance. ML algorithms refine these designs by learning from operational patterns, enabling adaptive architectures that scale securely—critical for energy grids or transportation networks. For monitoring, AI-powered anomaly detection identifies deviations in real-time, such as unusual equipment behavior in utilities or traffic anomalies in logistics, flagging potential failures before they escalate.

ML enhances this by continuously improving detection accuracy, learning from historical OT data to reduce false positives. Vulnerability analysis, a key AI/ML application, strengthens cybersecurity across converged environments. By scanning IoT devices, IT networks, and OT systems, AI identifies weaknesses—like outdated firmware in healthcare devices or misconfigured SCADA systems in oil and gas—prioritizing risks based on exploitability.

This proactive approach helps CISOs design segmented architectures that isolate critical OT assets while enabling secure cloud monitoring. Together, these technologies empower leaders to build robust, future-proof systems and maintain vigilant oversight, turning convergence into a competitive advantage.

Industries Poised to Benefit

This convergence impacts on a range of OT-dependent verticals, each with unique stakes:

  • Manufacturing: Industrial control systems and automation stand to gain from hybrid monitoring and AI-driven maintenance.
  • Energy and Utilities: Grid and water management can leverage cloud analytics while securing critical infrastructure.
  • Oil and Gas: Remote pipeline operations benefit from hybrid scalability without compromising safety.
  • Transportation and Logistics: Real-time coordination improves with AI and hybrid visibility.
  • Healthcare: Emerging OT in smart hospitals gains efficiency and security through strategic integration.

For technology leaders across these sectors, the IT/IoT/OT convergence demands action. What is the call to action:

Don’t wait for your organization to ask “what are we doing about OT?”. I know many of my peers are busy with the day to day, “blocking and tackling” and might feel they don’t have the time to look at this. You have to make the time.

Begin by assessing your infrastructure, how can cloud integration enhance your OT systems? Craft a roadmap balancing on-premises strengths with hybrid innovation, and harness AI to unlock data-driven potential. Whether you prioritize cloud agility, reinforce on-premises control, or blend both, preparation is key. Don’t underestimate the value of building architecture diagrams of the different systems. Make sure you have a strategy around vulnerability analysis and visibility. Finally, it’s about resilience and recovery as you WILL have issues. The adversaries are relentless and have more and more tools at their disposal every day.

In a few weeks I will be at the 2025 RSA Conference in San Francisco. I along with the team at Boston Meridian Partners would be happy to chat about the state of the markets or help you navigate the M&A process. Please reach out to us via our webpage and LinkedIn below.

www.bostonmeridian.com

Boston Meridan LinkedIn Page <- Follow this company!

About the author

Shawn Andersonhas an extensive background in cybersecurity, beginning his career while serving in the US Marine Corps. He played a significant role as one of the original agents in the cybercrime unit of the Naval Criminal Investigative Service.

Throughout his career, Mr. Anderson has held various positions, including Security Analyst, Systems Engineer, Director of Security, Security Advisor, and twice as a Chief Information Security Officer (CISO). His CISO roles involved leading security initiatives for a large defense contractor’s intelligence business and an energy company specializing in transporting environmentally friendly materials.

Beyond his professional achievements, he is also recognized for his expertise in the field of cybersecurity. He is a sought-after speaker, writer, and industry expert, providing valuable insights to both C-Suite executives and boards of directors.

Currently, Mr. Anderson serves as the Chief Technology Officer (CTO) for Boston Meridian Partners. In this role, he evaluates emerging technologies, collaborates with major security providers to devise cybersecurity strategies, and delivers technological insights to the private equity and venture capital community.

Overall, Shawn Anderson’s career journey showcases a wealth of experience in cybersecurity and leadership roles, making him a respected and influential figure in the industry.

Cybersecurity Trends from a CTO/CISO perspective

April 11, 2023 / / 0 Comments

It’s been a fast 15 months since I started on this journey working as the CTO for an investment bank. I’ve traveled all over the United States, held conversations with 100’s of Venture Capital, Private Equity, and exciting newer security startups. There have been a few trends which keep bubbling to the top that I wanted to share with all of you. As we all know cybersecurity isn’t anything new but something all companies, large and small, need to be doing. Cybersecurity has become an increasingly important area of focus for businesses and governments, with the rising frequency and severity of cyber-attacks as well as the renewed governance focus at the board level.

As a result, there has been a growing interest in investing in cybersecurity companies and technologies. Here are some of the investment trends in cybersecurity:

Cloud Security: With more businesses moving their operations to the cloud, cloud security has become a top priority. Investors are looking for companies that provide cloud security solutions, such as cloud access security brokers (CASBs), cloud security posture management (CSPM) tools, and cloud workload protection platforms (CWPPs). Using rough numbers from quarterly earnings of the top 3 cloud providers (GCP, AWS, and Microsoft) they are roughly $350b annual revenue which is a small percentage of the overall global IT spend of $4.2T. This area will continue to grow.

Identity and Access Management (IAM): IAM solutions have become essential for managing access to corporate networks, applications, and data. Investors are looking for companies that provide IAM solutions such as identity governance and administration (IGA), multi-factor authentication (MFA), privileged access management (PAM), and User access management.

Artificial Intelligence (AI) and Machine Learning (ML): AI and ML are being used to enhance cybersecurity by enabling faster threat detection and response. Investors are looking for companies that provide AI and ML-powered solutions such as security analytics, threat detection and response, and fraud prevention. This area spooks me a bit as it’s moving so quickly and from what I’ve seen without any guardrails to keep it 100% safe, ethical, and working in the best interests of it’s creators.

Internet of Things (IoT) Security: As more devices become connected to the internet, IoT security has become a critical concern. Investors are looking for companies that provide IoT security solutions such as device management, data encryption, and firmware security. Other areas are Operational Technology (OT) which is a term defining a specific category of hardware and software whose purpose is to monitor and control the performance of physical devices. The other is Industrial Internet of Things (IIoT) designed to incorporate technologies such as machine learning, machine-to-machine (M2M) communication, sensor data, Big Data, etc.

Cyber Insurance: Cyber insurance has become increasingly popular as a way for businesses to mitigate the financial risks associated with cyber attacks. Investors are looking for companies that provide cyber insurance policies and risk assessment services. This is a growing area with a lot of unknown variables. Unlike traditional insurance such as life and auto the data available on cyber is limited to the past 40 years and is always advancing. This area will continue to mature and be extremely important as companies try to defer and manage their risk.

Cybersecurity Consulting and Integration: With cybersecurity becoming more complex, businesses are seeking the expertise of cybersecurity consultants to help them develop and implement effective cybersecurity strategies. Investors are looking for companies that provide cybersecurity consulting services. An offshoot of this is Cloud System Integration or Cloud SI. Companies who can help other companies to deploy the cloud solutions they have acquired to get it deployed in the quickest way possible. These companies who are “born in the cloud” have an advantage today because they have the ability to move at “cloud speed”. The issue is training the talent to do the work.

Overall, the cybersecurity industry is expected to continue to grow, and investors are expected to continue to invest in companies that provide innovative and effective cybersecurity solutions.

About the author

Shawn Anderson has an extensive background in cybersecurity, beginning his career while serving in the US Marine Corps. He played a significant role as one of the original agents in the cybercrime unit of the Naval Criminal Investigative Service.

Throughout his career, Anderson has held various positions, including Security Analyst, Systems Engineer, Director of Security, Security Advisor, and twice as a Chief Information Security Officer (CISO). His CISO roles involved leading security initiatives for a large defense contractor’s intelligence business and an energy company specializing in transporting environmentally friendly materials.

Beyond his professional achievements, Anderson is recognized for his expertise in the field of cybersecurity. He is a sought-after speaker, writer, and industry expert, providing valuable insights to both C-Suite executives and boards of directors.

Currently, Anderson serves as the Chief Technology Officer (CTO) for Boston Meridian Partners. In this role, he evaluates emerging technologies, collaborates with major security providers to devise cybersecurity strategies, and delivers technology insights to the private equity and venture capital community.

Overall, Shawn Anderson’s career journey showcases a wealth of experience in cybersecurity and leadership roles, making him a respected and influential figure in the industry.

© 2025 Shawn Anderson's Cyber Blog

Theme by Anders NorenUp ↑