FREE GRC Workshop

LEARN MORE

Recommended Event: Convene: Boston | Cybersecurity & Human Risk Conference Aug 13 - 14, 2026

How to Build a CPS Security RACI

Solution Category IoT Security
Type Webinar
Organization Claroty
Event Format Company Webinar

Webinar Description

Key Takeaways

  • Practical guidance on building a RACI matrix specifically designed for Cyber-Physical Systems security in industrial environments
  • Strategies for bridging persistent divides between IT security teams and operational technology personnel
  • Template walkthrough for mapping vulnerability management and network segmentation workflows
  • Approaches to maintaining production uptime while implementing security controls
  • Relevant to manufacturing, energy, utilities, healthcare and transportation sectors operating critical infrastructure

Establishing Accountability in Industrial Cybersecurity

Industrial organisations face a persistent challenge that technical solutions alone cannot resolve: determining who bears responsibility for securing the cyber-physical systems that underpin modern production environments. This webinar from Claroty addresses the organisational dynamics that frequently undermine industrial cybersecurity programmes, offering a structured methodology for establishing clear roles and responsibilities across traditionally siloed departments.

The session targets security engineers, OT leads, plant managers and executive leadership grappling with the complexities of protecting operational technology whilst maintaining the production uptime that industrial operations demand. As regulatory scrutiny of critical infrastructure intensifies and threat actors increasingly target industrial control systems, the need for formalised accountability structures has become acute.

About This Event

Claroty presents a forty-five minute virtual session led by Sean Tufts, Field CTO for Industrial, examining how organisations can construct a RACI matrix tailored to the unique requirements of CPS security. The RACI framework—defining who is Responsible, Accountable, Consulted and Informed for each security function—provides a governance structure that many industrial organisations lack despite having invested substantially in security technologies.

The webinar includes a detailed walkthrough of an industrial security RACI matrix template, offering attendees a practical starting point rather than purely theoretical guidance. A live question and answer segment allows participants to address organisation-specific challenges directly with the presenter.

The IT-OT Divide and Its Security Implications

The friction between information technology and operational technology teams represents one of the most significant barriers to effective industrial cybersecurity. These groups operate under fundamentally different priorities: IT security teams typically prioritise confidentiality and rapid patching cycles, whilst OT personnel focus on system availability, safety and the operational continuity that keeps production lines running.

This cultural and operational divide creates ambiguity around security responsibilities. When a vulnerability is discovered in a programmable logic controller or a network segmentation project requires changes to industrial network architecture, the question of ownership frequently remains unresolved. Security initiatives stall as teams debate jurisdiction, or worse, critical tasks fall through the gaps entirely because each group assumes the other holds responsibility.

The webinar addresses these dynamics directly, acknowledging that technical controls prove ineffective without the organisational structures to implement and maintain them. Cyber-physical systems present particular challenges because they span traditional IT and OT boundaries—a historian server collecting production data, for instance, may fall under IT infrastructure management whilst serving operational purposes that OT teams consider mission-critical.

Building Repeatable Security Workflows

Beyond establishing accountability, the session examines how organisations can develop consistent, repeatable processes for common security activities. Vulnerability management in industrial environments differs substantially from enterprise IT patching—production systems often cannot be taken offline for updates, and patches for industrial control systems may lag months or years behind vulnerability disclosures.

Network segmentation presents similar complexity. Properly isolating industrial networks from corporate infrastructure and segmenting zones within the OT environment requires coordination between network engineers, control system specialists, production managers and security teams. Without clearly defined workflows specifying who initiates segmentation projects, who approves changes during maintenance windows and who validates that production systems remain functional, these initiatives frequently encounter delays or resistance.

The RACI approach provides a mechanism for documenting these workflows in a format that stakeholders across the organisation can understand and reference. Rather than relying on institutional knowledge or ad hoc coordination, teams can consult a defined matrix that clarifies expectations for each phase of a security initiative.

Securing Organisational Buy-In

Technical merit alone rarely ensures the success of industrial security programmes. Plant managers may view security controls as threats to production targets. Engineering teams may resist changes to systems they have operated reliably for decades. Executive leadership may struggle to justify security investments that lack clear return-on-investment metrics.

The webinar addresses strategies for overcoming this internal resistance. A well-constructed RACI matrix serves not only as an operational tool but as a communication device that demonstrates how security responsibilities integrate with existing roles rather than creating entirely new burdens. When stakeholders understand precisely what is expected of them—and equally importantly, what falls outside their remit—resistance often diminishes.

The framework also provides executive leadership with visibility into security governance without requiring deep technical expertise. A CISO can review the matrix to confirm that critical functions have clear ownership, whilst a plant manager can verify that security activities account for production scheduling constraints.

Protecting Operational Continuity

Industrial cybersecurity must contend with a constraint that enterprise IT security rarely faces: the potentially catastrophic consequences of system downtime. A manufacturing line halted for security patching represents lost production and revenue. A utility’s control system taken offline for network changes may affect service delivery to thousands of customers. In some environments, improper security interventions could create safety hazards for personnel or the public.

The session emphasises approaches that protect operational uptime whilst advancing security objectives. This requires security teams to understand production schedules, maintenance windows and the operational impact of proposed changes. It equally requires operations personnel to appreciate security risks and participate constructively in mitigation efforts. The RACI framework facilitates this mutual understanding by making the consultation and information-sharing requirements explicit.

Who Should Attend

The webinar serves professionals across the industrial cybersecurity spectrum. OT leads and plant managers will find practical guidance for integrating security responsibilities into operational workflows. CISOs and security engineers gain a framework for extending security governance into environments where traditional IT approaches prove inadequate. IT/OT managers occupying the increasingly common hybrid roles bridging both domains will benefit from structured approaches to cross-functional coordination.

Organisations in manufacturing, energy, utilities, healthcare and transportation—sectors where cyber-physical systems form the backbone of operations—represent the primary audience. The content assumes familiarity with industrial environments and the challenges of securing operational technology, making it most relevant for mid-level to executive professionals with existing exposure to these domains.

The Growing Imperative for CPS Security Governance

The convergence of IT and OT networks has accelerated dramatically, driven by digitalisation initiatives, remote monitoring requirements and the operational efficiencies that connected systems enable. This convergence expands the attack surface for industrial environments whilst complicating the governance structures needed to protect them. Threat actors have demonstrated both the capability and intent to target industrial control systems, with incidents affecting manufacturing operations, energy infrastructure and water treatment facilities.

Regulatory frameworks increasingly mandate formal security governance for critical infrastructure operators. Demonstrating clear accountability for security functions has become not merely a best practice but a compliance requirement in many jurisdictions. Organisations that lack documented responsibility structures may find themselves exposed both to security incidents and to regulatory consequences.

Against this backdrop, the RACI methodology offers a proven governance tool adapted to the specific requirements of industrial cybersecurity. The webinar provides both the conceptual foundation and practical templates needed to implement this approach within complex industrial organisations.