Skip to content
    Search
    Request A Free Trial
    cyber security

    What is OT security?

    OT security relates to managing and preventing cybersecurity vulnerabilities on operational technology — the hardware, software, and devices that are used to operate physical things in the real world. OT includes things like industrial control systems, manufacturing systems, oil pipelines, and utility companies.

    This isn’t to be confused with IoT security — the Internet of Things — which is another element of cybersecurity. Some operational technology uses “smart” devices or objects that would be included in the realm of IoT, but that’s only one small part of the world of OT. 

    NIST defines OT as “a broad range of programmable systems or devices that interact with the physical environment (or manage devices that interact with the physical environment).” Until recently, those machines and programs that worked in industrial and utility kinds of environments weren’t connected to the internet, so they were less vulnerable to cyber attacks.

    What does IT/OT Convergence Mean?

    IT and OT are different. In IT security, the main priority is data security across hardware and software. In OT security, the main priority is the safety of equipment and maintaining operations.

    However, with the applications of automation, machine learning and artificial intelligence, and “smart” systems that communicate across a physical space, there is an ever-growing field of IT support for areas of business that were traditionally in the realm of OT. 

    Generally speaking, patch management for OT systems is very rare and tricky, because it requires a line being shut down or other physical real-world implications that affect the bottom line. The rule of thumb is that IT security breaches are more frequent, but OT security breaches can have a much larger impact. 

    Like IT security, OT security requires a comprehensive inventory of assets, how they’re interconnected, and what their business impact is. Ideally, there are automated systems and supports in place to identify potential threats, prioritize, and mitigate them.

    See the Platform

    See the Axonius Platform for yourself with an interactive product tour, where we'll guide you through key applications of our Cybersecurity Asset Management and SaaS Management solutions.

    Get a Free Trial

    Sign-up for a free full-access 30 day trial to learn how Axonius gives IT and security teams a comprehensive understanding of all assets, their relationships, and business-level context including devices, identities, software, SaaS applications, vulnerabilities and security controls, and more.

    Book a Demo

    Request a demo to learn how the Axonius Platform provides a system of record for all digital infrastructure helping IT and security teams manage an always-expanding sprawl of devices, users, software, SaaS applications, cloud services, and the tools used to manage and secure them.