English
关闭
News

News

Home   News   Industry News

Industrial cybersecurity, should it be the responsibility of IT personnel or OT personnel?

#Industry News ·2020-01-09 10:56:58

While many manufacturing companies have invested significant resources in protecting traditional Internet of Things (IoT) devices, they often overlook critical industrial assets that could pose substantial risks to their operations.

The widespread adoption of Operational Technology (OT) intrusion detection systems in manufacturing facilities enables companies to establish asset inventories and identify potential vulnerabilities through machine learning and artificial intelligence. However, there remain concerning gaps in how these technologies are implemented. This gap often arises from the evolving question of who actually owns and is responsible for OT equipment. OT devices are rarely directly controlled or overseen by IT departments.


Discovering IIoT and OT Cybersecurity Gaps

Most companies focus their security efforts on common networked devices like cameras, thermostats, and printers, while neglecting critical industrial equipment. Monitoring for Programmable Logic Controllers (PLCs), Human-Machine Interfaces (HMIs), engineering workstations, control networks, drives, motor control centers, Automated Guided Vehicles (AGVs), robotics, and pumps is frequently deprioritized, creating significant blind spots in industrial security.

A dangerous misconception persists that industrial control systems are isolated from external threats. As industrial cybersecurity experts have noted, even standalone machine centers maintain various forms of connectivity, whether through remote access systems or interventions by on-site technicians. This reality creates vulnerabilities that many organizations struggle to monitor or address.

The implications of these security gaps extend far beyond traditional cybersecurity concerns. Neglecting Industrial Internet of Things (IIoT) assets is not merely an oversight but a potential disaster that could result in millions of dollars in downtime costs and even pose physical risks to personnel.

Security in industrial environments requires a broader perspective encompassing cybersecurity, process integrity, and safety. While traditional security tools focus on detecting malware signatures and network threats, they also play a critical role in identifying asset-related risks (vulnerabilities), inventorying, monitoring, and maintaining operational efficiency.

The parallels between digital security monitoring and preventive maintenance are evident—just as companies use sensors to detect anomalies in heat, harmonics, or vibration, they require similar systems to identify disruptive digital behaviors and activities that may affect their assets.

One of the primary challenges in implementing comprehensive industrial security lies in the disconnect between IT and OT teams. Many organizations have invested in sophisticated OT cybersecurity intrusion detection tools and solutions, but their operational technology teams often struggle to derive value from these investments. This gap stems from an insufficient understanding of factory operations and processes, which hinders the ability to assess platform capabilities and their potential impact on daily activities.

To achieve better industrial security, companies need to find the right partners—experts who understand both network infrastructure and automation environments while remaining proficient in the latest security tools and technologies. As manufacturing environments become increasingly interconnected and complex, this expertise becomes particularly crucial.

Looking ahead, companies have two main pathways to strengthen their industrial security posture. From the IT side, they can proactively build relationships with equipment suppliers, plant manufacturers, and control system designers to better understand the operational environment. From the OT side, they can take the lead in developing security expertise and implementing appropriate tools and processes.

Successful implementation of industrial cybersecurity requires a balanced approach that combines comprehensive security tools with deep operational expertise. As manufacturing environments continue to evolve, bridging the gap between IT and OT is not only beneficial but essential for maintaining security and operational integrity. Companies must recognize that protecting industrial assets is just as important as safeguarding traditional IT infrastructure and take appropriate steps to develop their security strategies accordingly.


Five Steps to Strengthen OT Security

To help manufacturing companies better protect their industrial environments, here are five essential steps to enhance OT cybersecurity:


Conduct a Comprehensive Asset Inventory

Begin by documenting all connected devices, not just traditional IT assets. This inventory should include industrial equipment such as variable frequency drives, motor control centers, AGVs, robotics, and PLCs. Pay special attention to identifying devices that may have remote access capabilities or require vendor support, as these require additional security considerations.


Bridge the IT/OT Knowledge Gap

Create cross-functional teams that include both IT security experts and OT specialists. Regular collaborative meetings can help both teams understand each other's priorities and challenges. Consider implementing training programs to help IT teams learn about industrial processes and OT teams grasp cybersecurity principles. Engage experienced experts or partners to facilitate these discussions. The customer’s vendor OT ecosystem must be included in the OT cybersecurity strategy.


Implement Proactive Monitoring Systems

Deploy monitoring solutions that can detect both cybersecurity threats and operational anomalies. These systems should track not only traditional security metrics but also process integrity indicators. Just as companies monitor equipment for mechanical issues, they should implement similar vigilance for digital behaviors and network activities.


Establish Vendor Management Protocols

Develop strict protocols for vendor access and remote support. This includes documenting all third-party connections, implementing secure remote access solutions, and maintaining audit trails for all external interactions with industrial systems. Vendor access rights and security practices should be reviewed regularly.


Build Security into New Projects

For new facilities or equipment installations, integrate cybersecurity requirements into the initial design phase. Collaborate with system integrators and equipment suppliers who understand both operational requirements and security best practices. Ensure security considerations are incorporated into engineering and construction processes from the outset.

The success of industrial cybersecurity ultimately requires a balanced approach that combines comprehensive security tools with deep operational expertise. As manufacturing environments continue to evolve, bridging the gap between IT and OT is not only beneficial but essential for maintaining security and operational integrity.


Reprinted from Control Engineering China

tags: MQTT Industrial Networks Internet of Things Bluetooth Technology IT personnel OT personnel AI Managing the Edge Edge AI artificial intelligence (AI) technologies

Pre:No Data

Next: Trends in Industrial Edge Computing Development: Architecture Integration, Machine Connectivity, and IT-Driven Operations

Copyright © 2018-2026 Shenzhen Sinepower Technology Co.,Ltd  sitemap ICP:粤ICP备17003685号
Induction heating power supply, thyristor trigger board, magnetizing and demagnetizing controller, intelligent charging module, data acquisition module, electric quantity transmission module, signal isolator

+86 18938061832