MUST READS
Building a Strong OT Cybersecurity Foundation: First Ask the Right Questions Since the start of the COVID-19 pandemic, the pace of digital transformation has accelerated tremendously. Meanwhile, companies have also become increasingly aware that the next leaders in this new digital arena will be those who control and manage their onsite OT data. Thus, companies that want to stay ahead in the game first need to achieve successful collaboration between their IT and OT departments to gain better control of their OT data. Inevitably, IT/OT integration has become one of the key indicators of a company's potential future growth. However, despite its importance, IT/ OT integration remains inconceivable to many companies due to one main obstacle: cybersecurity. According to a survey by International Data Information (IDC), companies tread very lightly around IT/OT integration because they are wary about its impact on cybersecurity. For starters, talking about the importance of cybersecurity may sound by now like a broken record. However, upon further inspection, one realizes that while cybersecurity has been prioritized by IT, the same cannot be said of OT. In recent years, industrial digital transformation (Industrial DX) has pushed OT out of their small ponds of individual intranets into the wider ocean of the Internet. With the abundance of
threats lurking behind Internet connections, cybersecurity has suddenly become a matter of urgency in the OT world—one that needs to be resolved as soon as possible. Nevertheless, to safely navigate through this sea of predators, Moxa and YNY Technology, an industrial digital solution provider based in Malaysia and Moxa’s partner in numerous IIoT projects, have identified the fundamental issues you need to address when strengthening your control systems for cybersecurity purposes. In this article, we address these issues through three frequently asked questions (FAQ) that we pit against counter-questions, which we like to call a question behind the question (QBQ), to help you bolster your cybersecurity strategy.
FAQ 1 vs. QBQ 1
"Who’s responsible for this cybersecurity project?" vs. "Where is the weakest link in my cybersecurity strategy?" From an organizational standpoint, it is easy to get distracted by the question of who should take charge of a project that now falls under OT but involves a traditionally IT-centric task. While OT staff may argue that they do not have the proper training and experience to deal with cybersecurity, IT staff may argue along the same line that their inexperience with OT equipment may affect overall operation. In this case, both
28 12 | 2021 BISinfotech
