Governance & Risk Management , Operational Technology (OT) , Video

IT and OT: A Tale of Two Technologies Under Fire

Operational Technology Security Takes Center Stage Through Public-Private Programs
IT and OT: A tale of two technologies under fire

The vulnerabilities of OT systems have been known and ignored for years, but that's starting to change. A series of breaches affecting U.S. critical infrastructure, an increasingly hostile threat environment and government programs to promote information sharing, training and cyber grant funding could finally put IT and OT security on equal ground.

See Also: Fireside Chat: Cybersecurity Judo - Using the Adversary’s Strength Against Them

The warning signs are everywhere. The recent Ponemon Institute Cost of a Data Breach Report found that the largest volume of ransomware attacks in 2021 targeted manufacturers - surpassing the banking sector. A 2022 Rockwell Automation-sponsored survey of critical infrastructure firms showed that 73% of respondents had been attacked in the past year - and 66% had inadequate patching programs in place.

In the face of high-profile breaches of water systems and fuel supplies, President Joe Biden issued a memorandum in 2021 calling for the Department of Homeland Security to establish cybersecurity performance goals for the 16 critical infrastructure sectors. The Cybersecurity and Infrastructure Security Agency is charged with rolling out the guidelines for public and private entities with OT systems - ranging from small community water systems to global defense manufacturers.

While CISA is months behind the deadline to roll out sector-specific performance goals, the agency this week outlined plans to streamline information sharing, provide cyber grants to small and midsized organizations and support training and research - helping to finally give equal footing to IT and OT security.

In this video with Information Security, experts and regulators discuss:

  • The state of OT device security and inherent and external supply chain issues;
  • Public and private efforts to formalize security practices, tools and intelligence to support critical infrastructure security;
  • Key strategies for better collaboration and adoption.

About the Author

Cal Harrison

Cal Harrison

Editorial Director, ISMG

Harrison helps ISMG readers gain new perspectives on the latest cybersecurity trends, research and emerging insights. A 30-year veteran writer and editor, he has served as an award-winning print and online journalist, mass communication professor and senior digital content strategist for DXC Technology, where he led thought leadership, case studies and the Threat Intelligence Report for the Fortune 500 firm's global security, cloud and IT infrastructure practices.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.