the future of industrial security—— IT and OT fusion

in industrial companies, security has traditionally been divided into three areas: physical security; IT safety and operational security (plant safety and system integrity). this division makes it more difficult for facility operators to detect and respond to security incidents.

moreover, modern operations often span complex IT（ information technology) and OT（ technology) infrastructure, often encompassing thousands of devices, increasingly connected through the industrial internet of things (IIoT)the internet brings new challenges to the security of industrial environments: making cyber-physical security threats more difficult to detect, investigate and remediate.

to protect this complex attack surface, many industrial companies have developed methods to integrate IT and OT team, or are working on how to do this. however, the integration challenge is a formidable fortress because of two major obstacles.

obstacle 1. IT and OT the difference is too big

IT the environment is dynamic. for example, IT systems need to be repaired, upgraded, and replaced frequently. IT employees are concerned about data confidentiality, integrity, and availability (also known as CIA）。 they are very up to date IT trends and threats. however, IT people are often unfamiliar with OT network or industrial control system (ICS)，few of them would set foot in a factory environment.

on the contrary, OT employees work in an operating environment where stability, safety and reliability are paramount. their work involves maintaining the stability of complex and sensitive environments such as refineries, chemical plants, and water plants that are filled with legacy systems that are decades old and have not been updated in decades. their motto is: "if it works, leave it alone."

OT engineers are scared IT personnel involved in safety work at their factory, or ICS tinkering.

obstacle 2. IT and OT use different technologies

basically, IT people are accustomed to using the latest and greatest hardware and software, including the best security technologies to protect their networks. they tend to spend most of their time repairing, upgrading, and replacing systems.

at the same time, OT employees are accustomed to working with legacy technologies, many of which predate the internet era. these systems often use proprietary network protocols, lack basic security controls such as authentication or encryption, and have no event logs or audit trails. therefore, OT event detection and response in the environment are greatly different from IT in the environment.

executive support is key to success

want to IT and OT to come together and integrate security thinking and operations, companies need to create an atmosphere of collaboration between the two teams, working together for the common good. of course, this kind of thing is always easier said than done.

despite all the difficulties and challenges, some companies are still working hard to promote IT and OT in-depth cooperation. the key to success is support from the top.

some companies start by establishing owner-level roles to drive this integration. for example, setting up a digital officer responsible for bridging IT and OT， blend cultural differences and establish an incident response process that spans both teams.

successful deployment of industrial cybersecurity projects must leverage IT and OT resources for both teams. corporate-level governance and leadership help ensure effective collaboration between these two parties.

to facilitate IT and OT with the integration of OT the business department transferred senior senior engineers and sent them to support the security operation center (SOC)incident response work. this creates unification across people, process and technology IT/OT two aspects of the environment.

laiwan technology is a leading enterprise intelligent high-tech enterprise in china, focusing on providing enterprises with intelligent office, intelligent production and intelligent r&d solutions.a one-stop full-cycle solution, serving more than a thousand customers.laiwan technology helps enterprises become intelligent！