FEATURE
BEST OF BOTH WORLDS THE CONVERGING WORLDS OF INFORMATION TECHNOLOGY AND OPERATIONAL TECHNOLOGY CAN BE A SECURITY NIGHTMARE IF YOU DON’T IDENTIFY AND CLOSE THE GAPS EARLY ON.
D
igital transformation requires the convergence of IT and OT networks. With the advent of the IoT, edge computing, and seamlessly expanding networks, CIOs are today faced with the daunting challenge of bridging the divide between OT and IT environments. Historically, these two have occupied separate domains with very little in common. Now, the need to streamline business processes, glean insights and deliver exponential business transformation is driving IT/OT convergence, especially in verticals such as manufacturing, healthcare and transportation.
20
CXO INSIGHT ME
NOVEMBER 2021
Though connecting IT and OT worlds is a business imperative to achieve operational efficiencies, it has also resulted in potential risks that can disrupt risks. Security in the IT domain is relatively mature with wellestablished stacks and policies, and most OT systems were never designed with cybersecurity in mind. This calls for a complete rethink of cybersecurity strategies. “The main challenge is that the convergence of IT and OT has been driven by the need for automation, simplicity, and convenience. Security was rarely if ever, prioritised. So industrial organisations now find
themselves burdened by networks that are comprehensively and complexly connected – full of insecure entry points and vulnerabilities to exploit,” says Mark De Simone, Regional Director - MEA at ThycoticCentrify. Additionally, while IT systems typically have a short refresh cycle of a few years or, in some cases, just months, OT systems are traditionally designed to remain in operation for decades. So, we’re seeing systems that were never intended to be connected to the internet now being integrated into modern IT networks, he says. Gregory Cardiet, senior director – security engineering, International,