Glossary

    OT Security

    What is OT security?

    OT security is the practice of managing and preventing cybersecurity vulnerabilities in operational technology: the hardware, software, and devices that are used to operate physical things in the real world. OT includes things like industrial control systems, manufacturing systems, and the systems that run oil pipelines and utilities.

    OT security isn’t to be confused with IoT (Internet of Things) security, which is another element of cybersecurity. Some operational technology uses “smart” devices or objects that fall within the realm of IoT, but that’s only one small part of the world of OT.

    NIST defines OT as “a broad range of programmable systems or devices that interact with the physical environment (or manage devices that interact with the physical environment).” Until recently, the machines and programs used in industrial and utility environments weren’t connected to the internet, so they were less vulnerable to cyber attacks.

    What does IT/OT convergence mean?

    IT and OT are different. In IT security, the main priority is data security across hardware and software. In OT security, the main priority is the safety of equipment and maintaining operations.

    However, with the application of automation, machine learning, artificial intelligence, and “smart” systems that communicate across a physical space, there is an ever-growing field of IT support for areas of business that were traditionally in the realm of OT.

    Generally speaking, patch management for OT systems is very rare and tricky, because patching requires shutting down a line or has other physical, real-world implications that affect the bottom line. The rule of thumb is that IT security breaches are more frequent, but OT security breaches can have a much larger impact.

    Like IT security, OT security requires a comprehensive inventory of assets, how they’re interconnected, and what their business impact is. Ideally, there are automated systems and supports in place to identify, prioritize, and mitigate potential threats.