For greater business results with IT and OT, CISOs need to take the lead to bring the two teams together
The convergence of Information Technology (IT) and Operational Technology (OT) is well underway, both at personnel and at technological levels. This will be critical to the future of businesses. Traditionally these teams have not worked together and found themselves at odds while maintenance, networking, and ownership.
Security is mostly the first place OT and IT teams meet. There are always vulnerabilities to patch to ensure a strong security posture is principal regardless of the teams involved. Experts believe that for CIOs, it is just a matter of helping the two teams to get neck and neck for the greater goal.
While doing that, figuring out technology ownership and the processes are some areas where issues arise. Inappropriate distinguishing ownership leads to disjointed operations. There is also the problem of OT professionals thinking that the IT counterparts are not able to understand their systems. Similarly, IT operators do not believe that OT teams have the expertise to control the latest types of connected devices.
Experts believe that the reality is that they need to come together for overcoming the barriers that lead to increased risk. However, for that, both the teams are needed for the most secure and effective IT/OT infrastructure. The best way to accomplish this is to stop isolating the teams and have a CISO managing overall operations from above. The role of the leader here is to make it clear the reason to why OT alone cannot ride the Industry 4.0 wave and needs the help of IT while highlighting the importance of the roles each team plays.
There will always be complaints about the effects of bringing OT and IT together. One of the most significant is that OT environments are exposed as they become connected, but the risk is worth the benefit. Smart OT technology and IoT as a whole, does not currently have the rigorous oversight and regulation that IT assets have up to this point. Of course, with new IoT assets, automation becomes tricky, the lack of visibility makes it difficult to investigate and remediate issues, and the usage of ‘shadow IT/OT’ creates vulnerabilities if left unchecked. The results of this disaster range from downtime in manufacturing to patient issues in medical environments. It is more dangerous to resist this shift in favor of maintaining the status quo.
Experts believe that in these times of rapid organizational and technological changes, not having an insight into the happenings at all the levels of the tech stack is plainly asking for trouble. Another worry, as per experts is the ‘people problem.’ Technology and automation do not necessarily mean a few resources, but the same team handling more complex tasks. Surely the transition will not happen naturally but will prove to be a game-changer with the right guidance from the business. It is crucial to explain to the workforce that technology will not completely displace humans, they will still be required to guide in new technology into the enterprise.
All companies and their employees aim to deliver the best service while incurring least risk. Enterprises cannot afford to sacrifice the proper deployment of technology due to fear of change. The new era of industrialization requires a new approach.