Page 32 - Cyber Defense eMagazine Annual RSA Edition for 2024
Exploring the intersection of IT and OT security
In today's interconnected landscape, the intersection of IT and OT security has become critical for
organizations, especially considering recent findings by Microsoft indicating unpatched, high-severity
vulnerabilities in 75% of the most common industrial controllers in customer OT networks.
The integration of IT and OT systems has undoubtedly enhanced operational efficiency and productivity
across various industries. However, this convergence has also introduced a myriad of security
challenges. Traditionally isolated and specialized systems are now interlinked, creating a complex web
of vulnerabilities ripe for exploitation by cyber attackers. As a result, 85-90% of OT cyber-attacks
begin in the IT environment.
The volume of IoT devices is expected to exceed 41 billion by 2025 according to IDC. This highlights the
urgent need for a more holistic approach to cybersecurity. While the security of traditional IT equipment
has seen significant improvements, IoT and OT security has lagged behind, leaving organizations
susceptible to a wide range of cyber threats.
Establishing a more secure relationship between IT and OT environments requires the implementation
of comprehensive control measures.
How do most organizations structure OT security operations? Is this function typically in
information security, IT, the OT engineering world itself, or a combination?
The debate over the ideal functional residence of OT security operations remains a consistent discussion
throughout the industry. Organizations adopt varied approaches to structure their OT security operations
and there is no one-size-fits-all solution. As Chase Applegate notes, “I don’t think that OT or plant
operations should own security operations,” but acknowledges the need for diverse skill sets and many
players in the OT space. Initially, IT security might lead OT security operations efforts with a potential for
specialized teams later on.
There’s a tendency towards third-party management for OT security operations, at least for tier-one
incident triage. “Because of this complexity in a lot of use cases, it makes sense for companies to go with
a third-party MSSP to manage OT security operations,” Chase noted.
Kirsten reflects on this collaborative approach seen in Canada, where both IT and OT express interest in
fortifying cybersecurity measures. She explains, “We want to be where we can have these hybrid teams
that come together…once a week they meet, and they go over the alerts…to better tune the system.”
This emerging practice showcases the desire for cross-functional collaboration between IT and OT,
specifically citing networking as a critical crossover skill.
This reflects the growing recognition of the interconnected nature of IT and OT and the need for holistic
security strategies. However, regardless of the approach, both Chase and Kirsten underscored the
importance of stringent access controls and approval processes within OT environments.