Abstract:

The aim of the article is to analyze information security management in the context of Industry 4.0. Based on a literature review, theoretical models and case studies, key challenges related to the convergence of OT IT systems, the vulnerability of critical infrastructure and the role of SMEs are discussed. Threats were identified, allowing the development of effective protection strategies including Zero Trust policies, microsegmentation, SIEM systems, encryption, IAM, risk analysis procedures and training. Based on this, recommendations were made: for executives and regulators (support of SMEs, standards and mandatory incident reporting), while for practitioners (implementation of integrative approaches to security and an organizational culture based on continuous improvement). The article also identifies research gaps in the area of OT Zero Trust - in the context of operational technologies, AI threat detection and training effectiveness.