In episode #64 of Beyond Tomorrow, Cecilia Jacobson, Business Area Manager for Technology at Plantvision, sits down with Martin Eriksson from Xertified. Their conversation provides a clear picture of where the industry stands today and why many organizations still underestimate both the scope and the consequences of today’s threat landscape.
A threat that has grown beyond what we are used to
Cybersecurity today is not just a technical issue, but part of a broader global context. The threat landscape has changed rapidly, but our understanding of its scope has not always kept pace.
“We are talking about threats that come both from what we call nation states, which actually wish us far more harm than we think. We are also talking about cybercrime today being the world’s third-largest economy. The USA is first, China is second. Then comes cybercrime.”
– Martin Eriksson, Xertified
Despite this, there is still a widespread belief that the threats are distant or unlikely. Many organizations act only once something happens, not before. At the same time, the consequences are becoming increasingly tangible when business-critical systems are affected, especially in industrial environments where production is central.
When IT and OT converge, new challenges arise
One of the biggest changes happening right now is that IT and OT environments are beginning to converge. Historically, OT has been isolated and optimized for stable operation, while IT has developed advanced methods to protect data. As these worlds now come together, a complex situation arises in which different priorities clash.
Organizations need to handle both increased connectivity and increased security requirements, often in environments that are already complex. Systems from different vendors, different generations of technology, and a lack of standardization make it difficult to establish a uniform level of security. In OT environments this is further compounded by the fact that equipment often has a long service life and cannot always be updated without affecting production.
At the same time, there is another aspect that is often underestimated: the internal threat. A large proportion of cyber incidents originate from within the organization—from employees, partners, or suppliers—often unintentionally. This means that traditional security models, which are based on keeping threats out of the network, are no longer sufficient.
From perimeter security to identity-based security
Historically, security efforts have focused on protecting network boundaries through firewalls, segmentation, and traffic flow control. These methods are still relevant, but they are no longer sufficient on their own in today’s environments.
Instead, the focus needs to shift from the network’s structure to identity and access. It’s about ensuring that the right person or system has the right permissions at the right time—and nothing more. This shift aligns closely with the principles behind what is often called Zero Trust, where the starting point is that nothing should be open by default.
In practice, this means that security measures become more granular and context-based, rather than relying on broad zones or segments. At the same time, it requires a new way of thinking and a departure from established practices.
Another key insight from the discussion is that the path forward doesn’t have to start by solving everything at once. On the contrary, it may be more effective to begin with what is most critical to the business, and then build on that step by step.
Although both the technology and the methods are available, progress is often slow. The reason lies not only in technology but also in human factors. Established work practices, resistance to change, and the difficulty of prioritizing investments in something that has not yet caused an incident lead many organizations to adopt a wait-and-see approach.
But reality shows that the consequences can be far-reaching when it does happen, ranging from production stoppages to major economic and societal impacts.
A new approach to security
Cybersecurity has evolved from a technical support function into a business-critical issue. It is no longer just about protecting individual systems, but about ensuring that the entire organization can continue to operate, even in the face of a complex and ever-changing threat landscape.
“Hide everything that’s important, from everything and everyone,” explains Martin Eriksson of Xertified.
Behind that simple formulation lies a shift in mindset from openness to control, from trust to verification. For organizations operating in the borderland between IT and OT, this is no longer a future scenario, but a necessary move that has already begun.
Ready to take the next step?
How can these principles be put into practice without compromising on efficiency or productivity? And where do you start, without having to do everything at once?
Listen to the full episode of Beyond Tomorrow, or get in touch with us to continue the conversation in whatever way works best for you.