Eliminating Silos in IT/OT Cybersecurity Is a Funding Challenge, Not a Technical One

The convergence of information technology (IT) and operational technology (OT) has transformed how government agencies manage everything from data centers to power grids. As nation‑state actors launch increasingly sophisticated campaigns, the traditional split between IT and OT security teams creates blind spots that adversaries can exploit. The White House’s Cyber Strategy for America acknowledges this risk, calling for a unified security posture across critical infrastructure. However, the strategy stops short of providing the financial scaffolding required to turn policy into practice, leaving agencies to navigate a maze of separate budget lines and legacy procurement rules.

Funding silos are the hidden choke point that stalls progress. When IT and OT fall under different fiscal authorities—often the CIO’s budget versus the CSO’s—organizations cannot leverage economies of scale to purchase integrated security platforms. This results in fragmented point solutions, higher total cost of ownership, and slower response times. Guarente recommends a dual‑track funding model that earmarks capital for initial tool acquisition while guaranteeing multi‑year operational budgets for staffing and maintenance. Moreover, programmatic contract vehicles like the 2022 Global Enterprise Modernization Software and Support (GEMSS) contract demonstrate how pre‑negotiated pricing and centralized funding can eliminate bureaucratic friction, enabling rapid, enterprise‑wide deployment of vetted security solutions.

To bridge policy and protection, agencies should adopt shared‑service models such as mobile “tiger teams” that deliver specialized OT expertise to under‑resourced offices. Streamlining authorization pathways—by introducing clear milestones into FedRAMP and DoD certification processes—will further accelerate adoption. By aligning financing, procurement, and expertise, the federal government can transform its cyber defense from a patchwork of isolated initiatives into a resilient, unified capability capable of safeguarding the nation’s critical infrastructure.