Most industrial companies are isolating it and isolating cybersecurity programs. There are many reasons for this, but in many cases it increases the maturity gap in cybersecurity that increases the risk of cyber-related disruption. These gaps include lack of trained cybersecurity resources, active security defense, and cybersecurity management tools that enable superior security hygiene, and quick response to active threats.
The maturity gap in OT cybersecurity makes it difficult for security teams and industrial CISOs to do their job. However, if the plants are willing to allocate money and downtime to make the necessary changes, they can be difficult to resolve. A great many companies are turning to Collaborative IT/OT cybersecurity as a way to overcome these hurdles.
Although there are various approaches to joint IT/OT cybersecurity, they are all based on leveraging the company’s IT cybersecurity experience, resources, and technology to bridge the key gaps in the OT security program. While some local investments in new technology may still be needed, most companies have found that collaborative IT/OT cybersecurity is a cost-effective and minimally disruptive way for businesses to address the serious risks they face when allowing plants to work in critical OT cybersecurity maturity gaps.
Issues in OT Cybersecurity
Industrial companies face difficult cybersecurity challenges. The IT Cybersecurity team is tasked with protecting sensitive information and applications in numerous global data centers, labs, design centers and commercial offices. Local OT Cybersecurity teams are responsible for ensuring the continued availability and integrity of complex control systems, manufacturing applications, and diverse collections of cyberphysical systems, including robots, packaging systems. Plant Managers also hope that security teams will ensure safety, product quality, environmental compliance and operational continuity will be affected by cyberattacks.
Local OT cybersecurity teams can get some support from IT groups in areas where concerns overlap, but lower purdue model OT level security is generally the sole responsibility of the local OT security team. OT cybersecurity programs are also generally funded by operations, so the maturity of OT cybersecurity may vary significantly depending on the risk appetite and financial capabilities of each plant.
There is a significant maturity gap in OT security programs
IT cybersecurity programs are generally more advanced than OT programs. They have a comprehensive suite of passive and active security technologies, a security management solution, and a team of trained cybersecurity experts. This allows for timely management of security updates, as well as rapid detection and response to anomalous events. Many leading industrial companies also have security operations centers (SOCs) and third party support for threat intelligence and incident management support.
