In the past, Operational Technology (OT) has relied on isolated networks. While the interconnection of IT and OT promises major business benefits, what do you see as the main reason for hesitation when connecting OT with IT?

Question

Answer

Adding and to add their thoughts. Thank you!

Answer

There’s no one answer to the problem of hesitation, IMO some of the more common reasons for keeping OT isolated are fear, uncertainty and doubt.
OT isn’t managed by IT (in most cases) and success metrics or KPIs are different. Merging the two networks successfully requires leadership focusing on removing silos and using a “systems” approach.

Another reason is that OT is often made up of protocols, equipment and providers that IT security teams aren’t familiar with. So, without leadership focus on driving a higher set of benefits, both operations and IT hesitate because they are NOT measured on creating value from a connection, they are most often measured on limiting risk.

Answer

made excellent comments regarding the complexity of the OT (which tends to be legacy, often by necessity not choice) & IT (which tends to be more open to change) relationship.

There's no easy solution here. Possibly, we need more innovation for bridging the gap. Here's an example -

New technology shows promise in detecting and blocking grid cyberattacks https://techxplore.com/news/2021-07-technology-blocking-grid-cyberattacks.html

Answer

IT and OT networks don't have to be &#34;air-gapped&#34; (with physically separate network wires), but there should definitely be logical segmentation (VLANs), and ideally with a firewall between the IT and OT networks. Keep in mind that some Information Security tools (like vulnerability scanners) only exist in the IT realm, so if you want those systems to be able to &#34;scan&#34; the OT network for vulnerabilities, you will need to allow some limited traffic between the two networks, but those routes and ports should be tightly controlled. If you have an abundance of IT Networking resources, you could further reduce your risk by segmenting OT networks by &#34;device type&#34; (for example, locating internet-connected televisions on a VLAN that is completely separated from internet-connected HVAC systems). - This results in fewer available ports per VLAN, and makes it much easier to detect anomalous activity.

Answer

The three main reasons are:
1. Cultural, since, still, individuals that work on each domain tend to see the other part as not having the right knowledge to deal with their own problems. There is a resistance to accept that technological evolution has leveled most challenges regarding cybersecurity and IT in general.
2. Risk Management, despite the fact that technological evolution has leveled systems and networks management challenges in both domains, still the systems from IT and OT have different characteristics and properties to assure (OT more focus on availability and safety and IT in confidentiality and integrity). So join both domains might introduce some risks not fully controlled or even clearly identified by the organizations.
3. Finally, organizational, related with the previous ones. Organizations are, historically, arranged in silos regarding the IT /OT and the change is not simple to perform (organization’s inertia, because people feel threatened) and in a situation where risks are not well known, organizations are adverse to change.

In the past, Operational Technology (OT) has relied on isolated networks. While the interconnection of IT and OT promises major business benefits, what do you see as the main reason for hesitation when connecting OT with IT?

Content you might like

Is there a disconnect between security leaders and the businesses they serve?

Which EDR has less false positives?

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?