Transforming to a smart manufacturing factory means integrating security practices and technology into plant processes via interconnected machinery, automation, data driven operations, communications, and software. The systems and roles that protect these increasingly digital operations and resources are essential. Of these roles, who can assist determining what and if something changed from a cybersecurity perspective – a configuration setting, firmware version, new port opened, new device connected to the network, etc.? Who is a junior part of the prevention, detection, and resolution capability when there is a production outage that is impacting the plant’s ability to make product? Keeping the human, physical, and digital assets secure is the responsibility of both the operating technology and information technology areas and many job roles at all levels that ensure secure operations.
So, which of these roles is the entry-level operations role who is the “on the ground eyes, ears and voice” for IT (Information Technology) and OT’s (Operational Technology) shared interests, closest to the operating environment and its security protections? The Manufacturing Cybersecurity Systems Operator has a primary focus to monitor, record, detect, and report security system performance and functions. Who is the role that may overlap into other adjacent cyber roles as experience and skill increases, but usually does not take on tasks associated with production or assembly operations? The Manufacturing Cybersecurity Systems Operator is not a conventional equipment operator but a systems operator who uses security software and processes for protecting factory floor automation and control technology assets, information, processes, and employees. On a daily basis, these systems operators watch and report the security status in diverse industrial and product settings: they monitor and escalate OT and IT concerns crossing plant automation and control platforms, components, IoT devices, access points, network connections, and more.
Who can be a bridge with IT and help advance old paradigms of plant isolation, creating better practices and improved performance? As an entry level cybersecurity “utility player”, these System Operators can more broadly support plant engineering, production management, quality and ICS by leveraging varying worker backgrounds and experiences. And who then can help to revert that change back so that the process is back to operating at a functional, productive state? This Manufacturing Cybersecurity Systems Operator role may be an internal role of a manufacturer and may have other IT and/or OT responsibilities; it also may be a role employed at a manufacturer, through a third-party vendor, systems integrator, or factory automation technology provider. The scope of systems that an operator works with can be proprietary or third-party, including across multiple manufacturers, software packages, network architectures, and/or industrial components. Systems and technologies under the umbrella of OT that relate to this role are Industrial Control Systems (ICS), SCADA, DCS, PLC, etc.
As experience increases, this role - which can start as a Level I and progress to a Level II or III operator - may add analysis and detection tasks, engage more deeply with related functions, and participate in cyber testing and exercising. Also, this role may serve as an incident SME if a specific threat, incident or breach occurs and the operator is needed for further response, recovery, and restoration.
With numerous available certifications and training programs available to learn and practice, and then supported on-the-job by technology and further training, this role is a solid opportunity to bring or transition diverse backgrounds into both the manufacturing and cybersecurity environment, a win-win for the workforce and manufacturers.
Read the full success profile