Recent Breaches
Breaches
2026PowerSchool62.4M stolen62.4M records stolen2026DISA Global Solutions3.3M stolen3.3M records stolen2026Globe Life850K stolen850K records stolen2026HertzUndisclosed stolenUndisclosed records stolen2026NHS ScotlandUndisclosed stolenUndisclosed records stolen2025Marks & Spencer9.4M stolen9.4M records stolen2025PayPal35K stolen35K records stolen2025Co-operative GroupUndisclosed stolenUndisclosed records stolen2025Jaguar Land RoverUndisclosed stolenUndisclosed records stolen2024National Public Data2.9B stolen2.9B records stolen2026HertzUndisclosed stolenUndisclosed records stolen2026NHS ScotlandUndisclosed stolenUndisclosed records stolen2025Marks & Spencer9.4M stolen9.4M records stolen2025PayPal35K stolen35K records stolen2025Co-operative GroupUndisclosed stolenUndisclosed records stolen2025Jaguar Land RoverUndisclosed stolenUndisclosed records stolen2024National Public Data2.9B stolen2.9B records stolen2026PowerSchool62.4M stolen62.4M records stolen2026DISA Global Solutions3.3M stolen3.3M records stolen2026Globe Life850K stolen850K records stolen
View All →
Why OSS

OT vs IT
Security

Same word, different discipline. Four differences that decide how you segment, patch, monitor and recover on an industrial estate.

R5.2
Where they diverge

Four Differences That Change Every Decision

Priority ranking, lifecycle, network engineering and recovery all pull OT security away from the IT security playbook.

01
Availability vs confidentiality

Priority ranking is inverted

IT security ranks confidentiality first, then integrity, then availability. OT security inverts that: availability comes first because an unavailable plant is a safety event, then integrity of the process, then confidentiality. Every downstream decision, from patching to backup, follows from that inversion.

IT: confidentiality firstOT: availability firstSafety drives the ranking
02
OT kit outlives IT kit by an order of magnitude

Lifecycles are decades, not quarters

IT kit refreshes on a three to five year cycle. OT kit runs for fifteen, twenty or thirty years, on operating systems that were current when it was installed. That means unpatched systems, legacy protocols and a much larger attack surface for anything that reaches the plant floor.

OT lifecycles measured in decadesLegacy operating systemsCannot be patched on the IT cadence
03
Deterministic protocols, not best effort

Networks are engineered, not managed

OT networks run deterministic industrial protocols and are engineered for predictable timing and safety. Introducing an IT security control that adds latency or drops packets can trigger a safety event. This is why standard IT tooling often cannot be deployed inside an OT estate without careful redesign.

Deterministic industrial protocolsLatency is a safety concernIT tooling rarely fits as-is
04
Restore, not just detect

Recovery is a first order requirement

IT security invests heavily in detection and response because the outcome of a compromise is often data loss. OT security must invest in recovery because the outcome is production loss and potential safety impact. A verified, offline gold copy that can be restored quickly is the anchor of any credible OT recovery plan.

Detection is necessary but not sufficientRecovery drives designOffline gold copy is the anchor

Continue reading on the pillar guide and the definitional overview.

OT vs IT Security, Common Questions

Mark Fermor
David Bailey
Kenny Phipps
Online Now
Concierge

Bring the offline gold copy into your OT plan

Talk to the Firevault team about a physically disconnected copy of your OT gold data, isolated from the domain that ransomware compromises first.

Takes about 2 minutes. No account needed.

Free2 minsNo sign-up
    Get started

    Your privacy matters

    We use cookies to keep the site running smoothly and to understand how you use it. You are in control. Privacy Charter · Cookie Policy