OPERATIONS
Manu lists some of the key challenges :
• Legacy systems : As mentioned , OT systems often run on legacy technology not designed with cybersecurity in mind and may have proprietary protocols or older standards that lack sufficient encryption or authentication . In addition , updating these with patches and software upgrades often has not been a priority .
“ MONITORING OT SYSTEMS IS IMPERATIVE BECAUSE CYBER HACKS OR ATTACKS CAN IMMOBILISE IMPORTANT INFRASTRUCTURE ”
MANU GOPEENDRAN INDUSTRY ANALYST AND SVP STRATEGY AND MARKETING , METRICSTREAM
• Different priorities : OT networks prioritise always-on availability and uptime , whereas IT systems prioritise data safety and confidentiality . This can create potential for increased attack points .
• Different standards : IT systems use standards like NIST-CST and other standards . OT systems may follow industry-specific standards , resulting in complexity in creating controls for cybersecurity .
• Lack of cross-domain training : IT security experts are not trained on OT cybersecurity and vice-versa . Finding the combined skillset or cross-training can be a challenge .
The disparity in development cycles between OT and cloud systems further complicates integration efforts , as Matt details : “ The development models for OT assets and modern , cloud-based applications are completely different . Those legacy assets would be updated infrequently , maybe once or twice a year . For a cloud application , developers can push changes constantly .
“ While some companies might update their cloud apps every week , some will push updates every hour . That
116 December 2024