In this interview with Help Net Security, Miranda Ritchie, industrial cybersecurity, CISO at Orbia, talks about protecting industrial systems where software runs water, chemical and manufacturing processes. She explains why a cyber incident in these settings can harm people, equipment and the environment, and how spread-out sites and aging control hardware widen the risk.
Ritchie describes tying security to safety culture, embedding cyber teams early in new projects, and treating nothing as trusted just because it sits on the network. Her view: speed and security can support each other.
In environments where digital systems control physical processes, like water distribution, manufacturing lines or chemical production, a cyber incident can quickly have real-world consequences. Can you walk through how you think about that intersection between cybersecurity, safety and environmental impact?
In operational environments where digital systems control physical processes, cybersecurity isn’t just about protecting systems or data. It’s about protecting people, equipment and the surrounding environment. At the intersection of these risks are three overlapping objectives: cybersecurity, which protects the confidentiality, integrity and availability of systems and data; safety, which protects people from harm; and environmental protection, which prevents spills, contamination, emissions and resource waste.
Unlike traditional IT incidents, cyber incidents in operational environments can translate directly into real-world harm. For example, an incident could disable a safety alarm or alter controller settings that affect a physical process. At Orbia, cyber teams sit at the same table as health and safety, engineering, operations and sustainability teams. We invest in securing our production facilities through secure control implementation, process improvements and operational resilience initiatives such as recently conducting our first OT cyber incident tabletop exercise.
A lot of green infrastructure is geographically scattered by design, with thousands of remote endpoints sitting in fields, on rooftops, and offshore. How does that physical dispersion change the threat model compared to defending a centralized plant?
Orbia’s global footprint and diverse spread of business groups and manufacturing sites make this especially true. We have 22,000 employees across five business groups with more than 100 production sites and operations in more than 50 countries. The “perimeter” was never really a single fence line to begin with. We were already a distributed organization by design.
However, COVID-19 changed the game for many companies in this respect, including Orbia. These days, it’s rare to find a workforce that’s 100% connected to onsite networks. Work happens beyond the corporate LAN, and our defenses must evolve accordingly. Endpoint, identity and cloud security are key areas of focus for us to ensure that we can protect, detect and respond to threats no matter the physical location.
Drip irrigation networks, fiber-conduit plants, and fluor and battery-materials facilities were engineered by people optimizing for efficiency and yield, not for adversaries. When you walk into one of these environments for the first time, what’s the security assumption you find baked into the hardware that worries you most?
The one assumption that worries me the most is the mindset that “if it’s on our network, it’s trusted.” Across every Orbia environment, whether it’s a programmable logic controller (PLC) on an extrusion line for our Connectivity Solutions business, a smart controller for one of our Building & Infrastructure or Precision Agriculture digital products, or a distributed control system in a chemical facility for our Polymer Solutions business, the hardware was designed for uptime and long service life.
Authentication, encryption and modern detection and response were not necessarily built-in requirements. Like most companies with manufacturing operations, legacy technology that can’t be patched and doesn’t meet modern security requirements is a part of our daily reality. This makes accurate asset inventory, IT and OT network segmentation, our zero-trust and secure remote access and other key controls not just a nice-to-have, but an imperative.
Sustainability companies tend to attract mission-driven talent who joined to fight climate change, not to think like attackers. How do you instill security instincts in a workforce whose passion points somewhere else entirely?
As an industrial sustainable solutions company, safety and health are woven into everything we do: our entire workforce mobilizes behind them every single day. From that foundation, it’s a natural progression to extend a safety-first mindset into a safety- and security-first mindset; the instinct to protect people and the environment is the same instinct we need to protect our data and networks.
For me, one of the defining turning points was bringing our leadership team together for our first cyber crisis simulation. In that exercise we demonstrated tangibly how a critical security event could quickly escalate into a safety or environmental-impacting event — and that moment fundamentally shifted the conversation. Cyber stopped being an IT topic and became a business, safety and sustainability topic.
Over time, I’m proud to say our workforce has matured immensely in terms of cyber awareness. Security is viewed as a trusted partner that helps the business move forward, enabling our teams to advance key initiatives and sustainability goals securely, at speed and with confidence.
There is often pressure to rapidly scale sustainable solutions to meet climate and infrastructure needs, which can mean deploying new technologies quickly. How do you balance the urgency of that expansion with the need to build in strong cybersecurity from the outset?
Speed and security are not necessarily incompatible. We’ve made secure-by-design principles non-negotiable for every new digital initiative, whether it is smart manufacturing, sustainability, commercial excellence, customer service, R&D or more.
Cyber teams engage early in the design phase to ensure a new business initiative is secure from the start. We make informed decisions about risks well in advance, not after a contract is signed or a system is already in production, when changes become exponentially more expensive and disruptive. We do this through strong business-cyber partnership: our team members are embedded alongside business and functional leaders in project intake and vendor selection, running risk assessments, validating controls and helping teams choose architectures that can scale safely.
The goal is to give the business confidence to move faster. When cyber acts as a co-designer, speed and resilience reinforce each other.
![]()
Simplify security management with CIS SecureSuite Platform

