28 Jun 18
28 Jun 18
Is there any animosity deeper than the one between IT and OT security? The Montagues and Capulets of Romeo and Juliet, perhaps? But like the prince in that famous tale, we all have a lot to gain by bringing the two sides together.
This is especially true in today’s world, with the explosion of Internet of Things (IoT) devices in both industrial and non-industrial settings, and the growing digitization in heavy industry, where sensors and IP-based control devices are being deployed in the millions.
The problem is that if you really want to get a true sense of an organisation’s security posture, IT and OT – including SCADA – must be visible together. You need a single holistic view of the organisation’s networks, its assets and its end points.
Doing so not only gives your managed security teams additional data points – image being able to correlate anomalies in server temperatures to a security event – but it also lets you lock down OT and IoT devices – event those like biometric systems, cameras and door sensors.
For critical infrastructure systems and other large industrial operators with compliance and/or organisational requirements regarding the segregation of OT and SCADA systems, there are solutions. One-way transfer diodes and data anonymization are just two ways to address these concerns.
I challenge security teams in every industry to step back and study how they can commit to bringing IT an OT data together in your organisation A single and holistic approach is the only way you’re going to ensure the cybersecurity strategy covers your entire organization.