Among the most candid and technically grounded sessions at SEMICON West was Quentin Kantaris’ examination of legacy operational technology (OT) systems in semiconductor manufacturing. Kantaris underscored a difficult truth: legacy systems are indispensable to production—and simultaneously among the most vulnerable assets in the fab.
Where modern cybersecurity programs often focus on new architectures, Kantaris reminded attendees that legacy systems represent the backbone of semiconductor manufacturing, and abandoning them is not feasible. Instead, organizations must design security strategies that acknowledge their operational constraints and evolving threat exposure.
1. Legacy Tools Cannot Simply Be Replaced—But Attacks Against Them Are Increasing
Many legacy semiconductor tools have been in operation for decades and contain hardware and software that cannot be easily upgraded. Replacing or requalifying these systems would require substantial capital investment and extensive process validation.
Meanwhile, adversaries have learned to target exactly these blind spots. Legacy OS versions, unpatched vulnerabilities, and weak segmentation give attackers predictable footholds. Kantaris emphasized that ignoring these systems is no longer an option: they must be secured in place.
2. Traditional Security Strategies Fail in OT Environments
A recurring insight from Kantaris’ session was that security controls designed for enterprise IT often disrupt manufacturing operations. For example:
- Traditional antivirus agents can destabilize time-sensitive applications.
- Real-time scanning may cause process delays.
- Many legacy systems lack the CPU or memory to support modern security tools.
Simply put, OT systems must be secured without altering how they function.
3. Network Segmentation as a Foundational Control
Kantaris outlined segmentation as one of the most impactful controls available to fab leaders. Effective segmentation limits the ability of adversaries to move laterally, contain breaches, and protect tool groups based on risk.
- Effective segmentation includes:
- Micro-zoning sensitive systems
- Enforcing protocol restrictions
- Isolating high-risk legacy assets
- Structuring networks around functional workflows
Segmentation is both immediately impactful and foundational for long-term resilience.
4. Virtual Patching and Compensating Controls
Many legacy systems cannot be patched due to OS constraints or the risk of operational downtime. Virtual patching provides a powerful alternative by blocking malicious traffic at the network layer without modifying the system itself.
- Kantaris described virtual patching as essential for legacy OT because it:
- Prevents known exploit patterns
- Provides visibility into attack attempts
- Preserves system stability and uptime
This approach pairs well with intrusion prevention and detailed logging.
5. Strengthening Endpoint Protection Within Legacy Constraints
Kantaris recommended selecting endpoint protection tools designed specifically for older OS versions and constrained hardware environments. Features such as unified installers and deferred updates help reduce operational complexity and human error.
Additionally, “contingency modes” allow operators to temporarily disable security layers during system troubleshooting—preserving uptime without compromising long-term protection.
6. Building Long-Term Resilience Through Organizational Investment
Securing legacy OT is not a short-term initiative—it requires multi-year investment, cross-functional alignment, and continual risk assessment. Kantaris encouraged leaders to sponsor:
- Comprehensive OT asset inventories
- Dependency and data flow mapping
- Failure-mode analysis tailored to cyber incidents
- Regular incident response exercises
Kantaris’ closing message was clear: resilience depends not only on technology, but on the organization’s willingness to sustain the effort over time.
Source: “Secure Together: Building Cybersecurity Resilience Through Industry Alliances,” SEMICON West 2025. Speakers: James Kaplan (McKinsey & Company); Quentin Kantaris (TXOne Networks); Bradford Hegrat (Accenture); Nijaz Velic and Richard Morris (NY CREATES); Tom Palmaers and Giselle M.H. Van Tornout (imec); SZ Lin (Sun Square); Ross Mahler and Marty Wachi (Moxa); Simon Davies (Renesas); Jennifer Lynn (IBM); Prabhu Jayanna (AMD); Anusha Annapareddy (Applied Materials); Bertrand F. Cambou (High Entropy Security); Daniel O'Loughlin (Qualcomm). Panel moderator: Andrew M. Seward (Tokyo Electron America).
