In the relationship between OT & IT it is vital to have a robust Cyber Security strategy. As the operational lines between OT & IT continue to blur with the rise of Industry 4.0, those disparate and closed systems which once worked in isolation are now dependant on each other.
Vulnerabilities arise wherever the collection and use of data becomes central to operational success. In a connected environment where OT efficiency relies on IT to ensure the collection and successful application of this data, the opportunities for a breach increase.
Deciding how to approach the strategy to ensure the security of these operations often falls to the CISO. Do they turn to a specialist in OT management systems or an IT Security specialist, this article explores the role of the CISO and the decisions they need to make when implementing an OT Cyber Strategy.
There is no one perfect way to manage a cybersecurity program. It depends on the way the organization is structured more broadly. Is the culture top-down with a drive for operational consistency, even if it may take longer to align different parts of the organization? Is the culture one where targets are set, but business units are left to determine how best to hit those targets? Is there a close working relationship between IT and OT? These subquestions inform how best to organize your approach.