To ensure cyber security for manufacturing there is a joint effort between IT and OT required. Sounds straight forward – but causes still some issues. Of course, very often a lot of security services are already deployed and all should be OK for now. But is it?
IT are providing security services to the OT colleagues – and are wondering sometimes how the OT environment behaves – still using legacy OS. So very often, these legacy OS machines are showing up in IT lists to be mitigated as soon as possible – to upgrade them to newer OS versions. OT is wondering – because no one typically asks for legacy PLCs which is a similar problem for them.
But writing OT – Operational Technology – it seems obvious – but is it really properly defined in the company. What is OT and what is not OT?
The vendor independent workshop provides methods to define OT to make it totally clear – what is OT – and what is not. This definition will then provide an overview about the OT environment in an enterprise. Knowing the OT environment – then IT and OT know what must be protected. Very often – the front door gets more additional locks – but maybe the backdoor is wide open. The workshop is developed by an engineer – being in discussions with the IT colleagues for more than 10 years – and being able to translate IT to OT and OT to IT.
The workshop is explaining typical OT system types – allowing IT to get a better insight into manufacturing, into the OT-world. The workshop will show that it is very important to align on terminology – what is a system, what is an application?. Having a common terminology – then the workshop will provide details allowing IT to understand the „OT-needs“ better to mitigate cyber risk. But what is a risk? Is it to protect the „IT Environment from the OT environment“ or vice versa? When defining risk – what about risk assessments – why does OT sometimes even not understand the „risk“. The workshop will provide information about differences between IT and OT – beyond AIC or CIA, which governance for OT to follow and many other comparisons, sometimes technical, sometimes visually and in the beginning tasty.