PREDICTIVE INTELLIGENCE
is much easier with a consolidated
group. It’s not hard to see why 43% of
industrial firms feel this convergence
contributes to enhanced visibility
that can improve the mitigation of
cybersecurity threats.
Convergence can create efficiencies,
too. Threats identified by one team can
rapidly be defended against by the other,
stopping the spread of malicious intent
and malware. And it’s undoubtedly more
convenient to only have one security
system to pay for, configure, manage
and maintain – which is a more likely
outcome when IT and OT security
approaches are converged.
But the advantages don’t end there.
Merging these teams provides ripe
opportunity for cultural transformation,
creating the ideal breeding ground
for innovation as two sets of intelligent
people collaborate to generate a
truly robust and comprehensive
security strategy.
Roadblocks ahead
There are, however, some serious
difficulties in redressing this division –
starting with the technical specificities
of OT and IT. OT experiences a longer
product life cycle and has to grapple
with a wide breadth of industrial
protocols and environmental constraints
due to the nature of equipment used.
Implementing a specific architecture
in line with industry best practice
standards is crucial to making sure
OT teams are able to thrive in the new
converged environment – and getting all
of this in place can be time-consuming
and complex.
Priorities are also different. IT networks
prize confidentiality and data integrity
over availability, while the nature of
production lines and factory floors
demands that availability and the
security of personnel be at the top.
As a result of these inverted priorities
and very different technologies, there
are bound to be clashes when these
two groups with differing viewpoints are
brought together. People who work in
these two teams tend to have different
attitudes towards their lines of work. OT
workers are often more conservative,
focusing on process, output, safety and
availability. In contrast, those in IT are
more likely to be early tech adopters,
eager to embrace change and very
data-centric.

Almost three-quarters (73%) of industrial firms
believe that the attack surface of their
IP-connected factory machines has expanded.

Blending these two groups together and
establishing a harmonious workforce
isn’t easy but it can be done if those
involved are willing to embrace a new,
third way of thinking.
Fusing IT and OT teams
Anyone looking to kickstart this merger
will need to sit down and apply their
focus to planning strategic alignment
on goals.
Driving cultural transformation will
play a key role in the success of any
convergence project, with strong
leadership needed to ensure culture
clashes are dissipated and neither party
feels like an afterthought. Be aware
that changes may cause friction – so
explain what is being deployed and how
it will affect the process to ensure that
nobody feels left behind or confused by
complicated terminology.
Care must also be taken to make
technological adjustments to
accommodate this merger, such as
adopting security tools that cater to both
IT and OT requirements. Collaborative
tools such as SIEMs (Security Information
and Event Management) and SOARs
(Security Orchestration, Automation
and Response) can help security
teams manage and respond to threats
at machine speed, rather than having
to plough through log files and system
reports manually, wasting time and leading
to a bottleneck of issues to resolve.
It’s not just the amount of new hardware
that poses a risk to these newly
converged teams – it’s the nature of that
hardware as well. The devices used by
OT often present a set of unique security
liabilities that IT teams may not have
had to tackle before. Older systems
that may have been in place for years
not only have never been updated, they
also monitor critical systems, such as
thermostats and pressure valves, so
they cannot ever be taken offline, even
for patching. And ultra-sensitive systems
34 Issue 28 | www.intelligentciso.com