Bridging the gap between IT and OT to improve industrial cyber security

Understanding cyber security risks is important for everyone. In this paper you will gain perspective on the cyber security challenges facing organisations today that operate within manufacturing and critical infrastructure industries, across their information technology (IT) and operational technology (OT) teams. You will also gain insight into potential solutions. IT teams have evolved distinctly, prioritising data security, access controls and system hardening in networked computing environments. OT teams manage and operate industrial control system (ICS) equipment with specific requirements around reliability and uptime for the purpose of ensuring physical outcomes in manufacturing or critical infrastructure production environments. IT and OT have traditionally operated separately within organisations because they serve different functions. The lack of interaction and understanding between IT and OT has led to cyber security vulnerabilities and frustration between organisations. IT may want to patch OT systems but get pushback because downtime halts production. OT may distrust IT recommendations because they have historically caused operational disruptions. This tension has caused many organisations to avoid trying to connect these two worlds; however, as digital transformation and Industry 4.0 initiatives bring IT and OT systems together, new cyber risks emerge. Industrial Internet of Things (IIoT) devices, legacy equipment, unpatched programmable logic controllers (PLCs) and obscured asset inventories create vulnerabilities. Despite their differing perspectives and priorities, however, collaboration between IT and OT is essential to secure today’s converged environments. Discover proven steps that can be taken to bridge the gaps between organisations to provide greater security across the enterprise, while strengthening internal teams and improving business outcomes.