The Convergence of IT and OT Systems Requires a Complete Reassessment of Security

 

This world of digital transformation means the convergence of Information Technology (IT) and Operational Technology (OT) has opened up unprecedented opportunities for operational efficiency. However, this utopia comes with its own Pandora’s box: more vulnerabilities that attract hackers. The antiquated strategy of top notch technologies for security is no longer sufficient. What’s needed is a unified security platform that would centralize analytics. This would also provide a holistic view of the network and enabling machine learning to identify vulnerable spots and threats. 

However, the path towards a unified platform has its challenges. Beyond organizational resistance, there’s a significant gap in the market. No single vendor offers an end-to-end security solution that adequately addresses IT-OT integration. In turn that makes selecting a primary platform vendor that provides robust tools to fill in gaps.

Zeus Kerravala, the Founder and Principal Analyst at ZK Research, has more than two decades of experience in researching and advising companies on various technology trends. Specializing in digital transformation, cloud services, and enterprise communications, Kerravala’s insights into the intersection of IT, OT, and security make him a notable thought leader in the field. He has worked with a broad range of clients from tech giants to small businesses. Kerravala offers a well-rounded view on the challenges and opportunities that exist in the evolving digital landscape. 

He mentioned that IT and OT convergence has a lot of benefits for companies. But added there is even more to benefit in considering the entirety of a security systems when converging. Kerravala emphasized the importance of security.

Kerravala’s Thoughts on IT and OT

The Increased Attack Surface with IT Integration

“So the first step in that would be to put technologies in like micro-segmentation that actually can make the attack surface smaller. But then after that, I think companies need to move away from this concept of best of breed and think of a security platform.”

Integrating IT with OT and IoT

“Well, the concept of bringing IT together with OT and IoT is to create better operational models by having all your connected devices on one network. The downside of that is it creates new security risks because you have all your devices connected to one network. And so if you’re going to bring IT and OT together, then you also need to bring the security elements together to create one operational model across it.”

New Security Risks with IT-OT Integration

“Otherwise, you’ll have a number of blind spots and different entry points into your network that your traditional IT security won’t see. Therefore, a breach on your OT system could actually cause a pretty big internal breach on your IT system.”

Rethinking Security Approaches

“The approach for securing an integrated IT-OT system requires actually a complete rethink of security. Historically, security pros have had the idea that if they deploy best of breed technology everywhere, that’s going to create the best possible threat protection.”

The Role of Analytics in Modern Security

“But security has evolved. It’s not about protecting an endpoint. It’s not about protecting a network. It’s not about protecting the cloud. It’s about analytics. And it’s about being able to take data from across all the different elements that touch a network and then being able to analyze that data and be able to find those insights in those areas where things are unprotected.”

Using Machine Learning for Threat Protection

“I think companies need to move away from this concept of best of breed and think of a security platform where perhaps not every element is best of breed, but you do get best of breed threat protection because all the data from across those different security elements can be analyzed using machine learning.”

Challenges in Converging Security Tools

“I think there’s a couple of key challenges when trying to converge your security tools to be able to keep up with the changes in IT-OT convergence. The first is just the concept that networking, security, and your operational technology teams need to work together.”

The Issue of Organizational Silos

“Historically, these groups have lived in silos. They have very tight domains and walls around their operational models. Smaller enterprises I’ve talked to seem to be more willing to do this, but when you get to the large enterprises, there are silos that still exist. And operationally, they do not like to share data and do not like to share tools.”

Selecting a Security Platform Vendor

“A bigger challenge is on the technical side. While the concept of the security platform is the best way to address IT-OT convergence, the reality is there are no security vendors that have a broad end-to-end platform that cover everything. So I think from an organizational perspective, you need to pick your platform vendor.”

The Need for Ecosystem Building by Security Vendors

“And to do that, you need to evaluate the tools that they have, but also the partnerships that they have to fill in the gaps in the areas that they don’t play. But then also look at how open they are and how willing they are to work with other companies, the types of APIs they have, the way they go to market, and things like that. Because I do think security platform is the way forward, but no vendor can deliver a security platform. So it’s incumbent on that security vendor to build a large ecosystem around it to help it fill the gaps where it doesn’t have product.”

Follow us on social media for the latest updates in B2B!

Image

Latest

Hiring Made Human: Hiring When You’re a Start-Up
July 11, 2024

The challenges of hiring for a startup have become more pronounced these days than ever. With technological advancements and evolving market demands, startups must be agile and strategic in their hiring practices to ensure success. According to some studies, nearly 90 percent of startups fail, with a significant factor being the inability to attract…

Read More
Focus on the Customer
Fifth Inning – Focus on the Customer
July 11, 2024

In a compelling narrative by Jesse Cole, the Savannah Bananas, a baseball team known for its unconventional approach, has declared advertising dead. Cole emphatically asserts that while advertising may attract customers, it is the fan experience that fosters lasting loyalty. In a bold move, the Savannah Bananas have eliminated all forms of advertising at…

Read More
Dr. Mark Manera talks Trucking Industry
The Trucking Industry Needs a Fitness Overhaul to Jumpstart a Trucking Health Revolution
July 11, 2024

With the trucking industry seeing many changes that prioritize efficiency and productivity, the health of truck drivers has increasingly peaked as a critical concern. With life expectancies for truck drivers averaging 16 years less than the general population, there is an urgent need to address health issues within the industry. Recent initiatives, like the…

Read More
Excellence Culture with John Brown – CEO, GreatLife Golf
July 10, 2024

The game of golf has been a part of John Brown’s life from childhood. Now he courageously steers the ship of GreatLife Golf. One of the fastest growing golf management companies in the industry. While focusing on a successful business, I believe one of his most attractive traits is his heart to positively impact the…

Read More