Securing Operations vs. Operators: What’s More Important?

CISA’s new OT security guidance spotlights a critical gap in industrial communications.

Apr 27, 2026 · Blog · Jay Goodman

On February 10, 2026, CISA released Barriers to Secure OT Communication: Why Johnny Can’t Authenticate, a guidance document built from direct interviews with asset owners across water, transportation, chemical, energy, and food and agriculture sectors. The findings confirm what the critical infrastructure community has long suspected: legacy industrial protocols still lack basic authentication and integrity protections, and the secure versions that have existed for over 20 years have gone largely unadopted.

CISA’s guidance focuses squarely on securing operations: the machine-to-machine protocols that keep power flowing, water clean, and systems running. That focus is necessary. But it also raises an equally urgent question by implication: who is securing the operators?

What CISA Found

The CISA research paints a clear picture. Legacy OT protocols like Modbus, DNP3, CIP, and OPC DA were designed for reliability, not security. They lack integrity protections, device authentication, and data confidentiality. A threat actor with network access can impersonate a device or modify a command in transit. Past attacks, including Industroyer, could have been detected and prevented through authenticated OT communication.

Secure protocol versions have existed since the early 2000s. However, adoption remains minimal. CISA’s voice-of-customer research identified three categories preventing operators from deploying these protocols: cost (procurement, deployment, and sustained maintenance), availability fears (observability loss, latency impacts, lack of confidence in non-disruptive deployment), and PKI complexity (certificate provisioning, lifecycle management, and connectivity risks). Nearly every operator interviewed cited PKI difficulties as a primary deterrent.

The guidance references People’s Republic of China state-sponsored actors maintaining persistent access to U.S. critical infrastructure as a motivating threat. It recommends operators prioritize signing all OT communications, encrypt sensitive management traffic (passwords, key exchanges, firmware updates), and seek products with crypto-agility to future-proof their investments against algorithm changes, including the looming post-quantum cryptography transition.
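To make the recommendation to sign OT traffic concrete, here is an added example, not code from CISA’s guidance or from BlackBerry. It wraps a Modbus Write Single Register request in an HMAC envelope; the envelope layout, key, and algorithm ids are assumptions made for illustration, not a standardized secure protocol. The payload stays readable for monitoring, altered or replayed messages are rejected, and the allowlisted algorithm id shows one simple form of crypto-agility.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, not a real credential
# Crypto-agility: the verifier accepts only allowlisted algorithm ids, so a
# new MAC can be added (or an old one retired) without changing the format.
ALGORITHMS = {1: hashlib.sha256, 2: hashlib.sha384}
HEADER = struct.Struct(">BI")  # alg_id (1 byte) | sequence number (4 bytes)


def write_register_pdu(address: int, value: int) -> bytes:
    """Modbus PDU for function 0x06 (Write Single Register)."""
    return struct.pack(">BHH", 0x06, address, value)


def sign(pdu: bytes, seq: int, alg_id: int, key: bytes = KEY) -> bytes:
    """Envelope = header | PDU in cleartext | HMAC tag over header and PDU."""
    header = HEADER.pack(alg_id, seq)
    return header + pdu + hmac.new(key, header + pdu, ALGORITHMS[alg_id]).digest()


def verify(envelope: bytes, last_seq: int, key: bytes = KEY) -> bytes:
    """Return the PDU if tag and sequence number are valid, else raise ValueError."""
    if len(envelope) < HEADER.size:
        raise ValueError("truncated envelope")
    alg_id, seq = HEADER.unpack_from(envelope)
    digest = ALGORITHMS.get(alg_id)
    if digest is None:
        raise ValueError("unknown algorithm id")
    tag_len = digest().digest_size
    if len(envelope) <= HEADER.size + tag_len:
        raise ValueError("truncated envelope")
    body, tag = envelope[:-tag_len], envelope[-tag_len:]
    if not hmac.compare_digest(tag, hmac.new(key, body, digest).digest()):
        raise ValueError("bad tag")
    if seq <= last_seq:  # checked after the tag so forged counters are ignored
        raise ValueError("stale sequence number")
    return body[HEADER.size:]


def rejection_reason(envelope: bytes, last_seq: int) -> str:
    """Helper for the demo: '' when accepted, otherwise the rejection reason."""
    try:
        verify(envelope, last_seq)
        return ""
    except ValueError as exc:
        return str(exc)
```

Because the PDU travels in cleartext inside the envelope, passive monitoring tools can still parse it, which is the observability property operators in the CISA interviews were worried about losing.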

The Missing Half: Securing the Operators

CISA’s guidance correctly identifies that an attacker on the OT network can impersonate a device or alter a message. But the same nation-state actors behind campaigns like Salt Typhoon and Volt Typhoon have simultaneously demonstrated the ability to compromise the telecom infrastructure that operators rely on to coordinate responses, push updates, and manage credentials.

This is where the operations/operators divide becomes dangerous. Consider:

CISA recommends encrypting management traffic, including password changes, key exchanges, and logic updates. But how are operators communicating those credentials? If a field technician receives a temporary password over a consumer messaging app traversing a compromised carrier network, the protocol-level encryption is irrelevant.

The guidance notes that PKI deployment requires coordination between field technicians, system integrators, and security teams, and that many operators need third-party service providers for these activities. That coordination requires secure information exchange. If the channel is compromised, the entire PKI deployment is undermined from the start.

When OT security fails, crisis response depends entirely on the integrity of human communication channels. If operators cannot securely coordinate during an incident, the incident escalates.

BlackBerry is trusted by all G7 and 18 of G20 governments for secure communications. Over 70% of U.S. federal government personnel are protected by BlackBerry AtHoc crisis communications.

The Answer: Secure Both the Operations and the Operators. Here’s How

You cannot meaningfully secure operations without securing operators. They are interdependent. This is not a theoretical concern; it is the operational reality CISA’s own research describes.

BlackBerry® Secure Communications is purpose-built for exactly this convergence. Where CISA’s guidance addresses the protocol layer, BlackBerry assures the entire human communications environment that makes protocol-level security deployable and sustainable. Every identity is verified. Every device is trusted. Every policy is enforced. Organizations don’t just send encrypted messages; they communicate with assured participants, controlled devices, and sovereign control.

Continuous Identity Verification
BlackBerry® SecuSUITE® cryptographically verifies every user and device before granting access to any communication. BlackBerry® UEM ties digital identity to organization-issued credentials via Active Directory. This is the human-layer equivalent of what CISA demands at the protocol level: no communication without verified identity. In a governed environment, customers explicitly authorize and continuously verify every participant, preventing outside users from gaining access with just a phone number.

PKI Made Manageable
BlackBerry® Professional Services handle certificate lifecycle management, accreditation documentation, and deployment, removing the exact burden that nearly every CISA interviewee cited as their top obstacle. BlackBerry UEM provides centralized certificate distribution to managed devices. Operators get simplified key provisioning without needing to build internal PKI expertise from scratch.

Secure Channels for Sensitive OT Management
End-to-end encrypted voice, messaging, and file sharing for exactly the management traffic CISA says must be encrypted: credentials, configuration changes, firmware updates, and incident response coordination. BlackBerry SecuSUITE maintains encryption across mobile, Wi-Fi, satellite, and public carrier networks.

Full Sovereign Control
On-premises or sovereign cloud deployment. Customer-owned encryption keys. Metadata shielding that protects not just what you say, but how you operate. Built on the explicit assumption that telecom networks are already compromised, addressing precisely the threat environment CISA’s guidance describes. Competitors operate in the cloud, where data and keys live on their servers. BlackBerry enables customers to decide where their data lives.

BlackBerry Secure Communications holds NIAP/Common Criteria, NATO Restricted, BSI, NSA CSfC, FedRAMP High, and FIPS 140-2/3 certifications. Mission-critical environments require mission-certified communications.

Crisis Communication Independence
BlackBerry® AtHoc® provides encrypted, multi-channel crisis coordination that operates independently of OT network infrastructure. When the OT network is degraded or under active attack, operators still have a secure, resilient platform to coordinate response. BlackBerry AtHoc replaces fragmented notification systems with a unified operations platform that creates a continuous loop from detection to recovery.

The Convergence Imperative

CISA’s guidance is a necessary step toward securing industrial operations. But securing the protocols without securing the people who deploy, manage, monitor, and respond to those protocols leaves the job half done. The organizations that treat operations security and operator security as separate problems will find that compromising one compromises both.

BlackBerry Secure Communications delivers total communication integrity: the mission-certified standard for the people, devices, and coordination that make CISA’s guidance actionable, from the protocol layer to the people layer.
