Select your country

Belgium

China

Denmark

France

Germany

Maghreb & West Africa

Netherlands

Norway

South Africa

Spain

Sweden

Switzerland

United Kingdom

Not finding what you are looking for, select your country from our regional selector:

Search

  1. Orange Cyberdefense
  2. Insights
  3. Case Studies
  4. Relationship between IT and OT security
| Page

Relationship between IT and OT security

Cybersecurity OT/IoT
Afbeelding pand hoogheemraadschap

Share

Securing the Dutch water board: The relationship between IT and OT security

Over the past decade, cybersecurity has expanded considerably from information technology (IT) and business systems to include operational technology (OT). The Rijnland Water Board, responsible for the management of crucial water infrastructure and systems, recognizes the growing importance of OT security. In collaboration with Orange Cyberdefense and Microsoft, they began pioneering work to incorporate their OT environment into their IT security architecture. This article will explore the importance of IT/OT integration for the Dutch water board, the challenges they face, and the steps taken so far to secure their critical infrastructure.

The growing importance of OT security

Since 1255, the Dutch Water Board have been taking care of the well-being of the country by managing water purification systems, canals and flood defences. With the advent of IT systems in the 60s and SCADA technology in 1980, remote monitoring and control became the new standard. Today, they form the basis for IT/OT integration.

"Because IT-based OT and industrial control systems (ICS) significantly increase the attack surface, it is increasingly necessary to have robust OT security," says Jeroen Wijnands, OT security expert at Orange Cyberdefense. Cyber actors, including advanced persistent threat (APT) groups, target OT/ICS systems and critical infrastructures to gain political and economic benefits. To combat these threats, the Dutch Water Authorities prioritize monitoring and protecting their critical OT assets.

Sierk Hoeksma, Manager Information & Digitalisation at Rijnland Water Board, emphasises the importance: "Our residents live and work safely below sea level and demand that our IT and OT solutions are robust and secure 24/7, all year round. Since a significant portion of our OT solutions are located in publicly accessible areas within our region, monitoring and securing these assets is critical."

A progressive collaboration between IT and OT

In 2022, Rijnland Water Board started a proof-of-concept to incorporate their OT environment into their IT security architecture. This initiative aims to gain control over all assets in the OT domain, including complex and vulnerable infrastructure systems. Hans Smit, Information Security Advisor OT at Rijnland Water Board: "A large part of this infrastructure is built to work 'stand alone'. Connecting all systems and bringing them together in one management system is a major challenge."

Recognizing the challenge coupled with the changing threat landscape, the Water Board sought external expertise to protect their IT and OT domains. Hoeksma: "Hackers are becoming more and more inventive these days, so we had to look for an external partner who could actively help us in the IT and OT domain to protect us against these threats. We have developed an OT lab with parts of the technology we use. With Orange Cyberdefense and Microsoft as our partner, we can now actively simulate potential attacks to learn how to better defend our critical infrastructure. We can even test solutions before we put them into production to improve our defense capabilities."

Working towards a safe production environment

Extensive testing and simulations of potential attacks in the OT lab have already provided valuable insights into potential threats and vulnerabilities. "These findings have led, among other things, to the development of new playbooks, designed to detect and mitigate emerging problems in OT systems," Smit said.

After extensive testing, Rijnland Water Board is now ready to implement the first lessons learned in their live production environment. This transition marks an important step in enabling security monitoring for critical infrastructure. Smit adds: "Looking back on the journey so far, once in production, I expect updates from our OT technology partners to meet our enhanced security standards. These updates are not limited to PLCs and routers, but will also include sensors, frequency converters and various other products."

The way forward: Strengthening the digital security of water infrastructure

Hoeksma is positive about the future and sees great opportunities. By working with expert partners, conducting thorough tests and implementing new insights, the Dutch water authorities strive to keep their water infrastructure safe and prepared for potential future challenges. "These advances in technology also allow for deeper integrations, bringing more data into the organization, for example, for improved risk management, predictive maintenance, better asset management, and ultimately better data-driven decision-making. It's important to keep pushing, now and in the future, so that we can focus on maintaining a safe environment to live in."

The integration of IT and OT security has become an essential part of the strategy to secure the critical infrastructure of the Rijnland Water Board. And with Orange Cyberdefense and Microsoft as valuable partners, they are prepared to face potential challenges with confidence.

Learn more about OT Security

14 October 2025

Managed Industrial Security

Read more
Industrial machines

15 October 2023

OT Security Assessments

Read more
24/7 incident hotline