Integrated Solutions that can Plug the Security Gaps Arising from IT-OT Convergence to Find Increased Adoption, Reported Frost & Sullivan

  • As information technology (IT) and operational technology (OT) converge, enterprises must decide how they will reconcile the vast differences in IT and OT security.

  • The IT/OT industry is addressing this issue by implementing purpose-built, integrated security solutions that can natively onboard connections from both ends.

  • When selecting an OT solution, enterprises need to understand their environment, leverage prescribed and customized tests, and perform structured change management to enhance the security of the OT platform.

As information technology (IT) and operational technology (OT) converge, enterprises must decide how they will reconcile the vast differences in IT and OT security. Unlike the IT networks they connect with, OT networks are highly vulnerable to cyberattacks. The IT/OT industry is addressing this issue by implementing purpose-built, integrated security solutions that can natively onboard connections from both ends. These solutions, along with threat intelligence and analytics, are becoming increasingly crucial as organizations require actionable and straightforward insights into the growing complexity of their converged environments.

Kenny Yeo, Frost & Sullivan

“Chief Information Security Officers (CISOs) face the complex task of protecting OT systems while allowing essential data, telemetry, and human machine interface (HMI) traffic to reach the centralized, connected enterprise databases,” said Kenny Yeo, Associate Director, Security Practice, Frost & Sullivan. “A tailored OT solution can resolve this issue by providing broader, more granular visibility into the networks through a single pane of management, enabling a scalable reduction of attack surfaces.”

“The Siemens Extensible Security Testing Application (SiESTA®) is a framework to carry out comprehensive security checks associated within IT-OT network environments. It was developed by Siemens AG practitioners for standardizing and automating testing procedures while granting flexibility by its extensibility, e.g., with third-party tools,” remarked Dr. Henning Rudolf, Head of Global Cybersecurity Strategy & Business Enablement at Siemens. “The user-friendly SiESTA® management console enables simple planning and automation of individually compiled test procedures to empower security teams to determine the safety status of components. Significantly, it also enables safe, non-intrusive active testing in OT networks while minimizing the risk of product outages, application downtime, and system interruptions.”

When selecting an OT solution, enterprises need to:

  • Understand their entire environment: Identify and inventory all components, systems, and networks to ensure complete testing coverage.

  • Leverage both prescribed and customized tests: Utilize a toolset that provides the flexibility needed to create and configure custom tests that meet enterprise-specific requirements.

  • Perform structured change management to enhance the security of the OT platform: Perform consistent, structured tests, automated scans, gap identification, and rectification programs to enhance system safety and security.

Overall, a dedicated IT/OT security solution can deliver benefits such as:

  • Increased OT visibility

  • Best-of-breed protection

  • Deeper and more actionable insights

  • Automated workflows

  • Flexibility of approach

To read more, please visit https://www.frost.com