The Benefits of Collaborative IT/OT Cybersecurity Strategies

Most industrial companies have separate IT and OT cybersecurity programs. While there are various reasons for this, it often results in significant OT cybersecurity maturity gaps that increase the risk of cyber-related disruptions of operations. These gaps include a lack of trained cybersecurity resources, active security defenses and cybersecurity management tools that enable good security hygiene and rapid response to active threats.

OT cybersecurity maturity gaps make it hard for security teams and industrial CISOs to do their jobs. But it is difficult to resolve them when plants aren’t willing to allocate the money and downtime to make the needed changes. So many companies are turning to collaborative IT/OT cybersecurity as a way to overcome these hurdles.

Approaches to collaborative IT/OT cybersecurity vary, but they are all based on leveraging the company’s IT cybersecurity experience, resources and technologies to fill critical gaps in OT security programs. While some local investments in new technology may still be required, most companies are finding that collaborative IT/OT cybersecurity can be a cost-effective and minimally disruptive way to address the serious risks that companies face when they allow plants to operate with significant OT cybersecurity maturity gaps.

OT cybersecurity challenges

Industrial companies face a daunting set of cybersecurity challenges. IT cybersecurity teams are tasked with protecting confidential information and applications across a multitude of global data centers, labs, design centers and commercial offices. Local OT cybersecurity teams are responsible for ensuring continuous availability and integrity of complex control systems, manufacturing applications and a diverse collection of cyber physical systems like robots, packaging systems, etc. And plant managers expect OT security teams to ensure that safety, product quality, environmental compliance, and operational continuity are never impacted by cyber-attacks.

Local OT cybersecurity teams may get some support from IT groups in areas of overlapping concerns, but security of lower Purdue Model OT levels is generally the sole responsibility of local OT security teams. OT cybersecurity programs are also generally funded by operations, so the maturity of OT cybersecurity can vary significantly, depending on each plant’s risk appetite and financial capabilities.

OT security programs have significant maturity gaps

IT cybersecurity programs are generally more advanced than those in OT. They have passive and active security technologies, comprehensive suites of security management solutions, and a team of trained cybersecurity professionals. This enables timely management of security updates, as well as rapid detection and response to anomalous events. Many large industrial companies also have security operations centers (SOCs) and support from 3rd parties for threat intelligence and incident management support.