What is the main focus for cyber security between ICS/OT and IT? When I think about understanding the differences between IT and ICS/OT security needs, I think of the environments themselves. If I am sitting in a cubicle, an office or working from home, I am not only physically comfortable, but I am also about as physically safe as I can be. If I am at a site, walking through a power plant, a petrochemical refinery or most other industrial control sites, there is real and present physical danger simply from the physics of how the site operates. In IT environments the main focus is always on ensuring the confidentiality of our sensitive data. We want to make sure that attackers are not able to access our systems and information in an unauthorized manner. In ICS/OT environments, the main focus is on ensuring the physical safety of on-site personnel. We want to make sure that everyone goes home at the end of the day, safe and sound. And I do not want a cyber security incident to be the reason that someone did not go home to their family. For those of you that would like a little bit more via YouTube - https://lnkd.in/gxh5Uaa4. #cybersecurity #power #safety #petrochemical #refinery #cyber #utilsec #icssecurity #otsecurity #icscybersecurity #otcybersecurity
The fact that OT/ICS is ethernet-based and converged with IT has been a great revolution and convenience. However, we need to be aware that the OT/ICS industry has deadly risks, as you have stated. So if you say that if I get a little training and have a few certificates, I will turn this sector into an opportunity, you would be wrong. According to the experience so far, after a strong engineering (electrical, electronics, control, process, mechanical, computer, mechatronics and similar engineering) infrastructure, the ability to use cyber security and network technology will help us overcome these tasks. Otherwise, it will be difficult to understand and protect the OT/ICS world, which requires different expertise in each sector.
Some deal with it easily and simply.Warning The security of OT meninges safety to not go to crimes on organizations if you need integrated between IT and OT for my opinion its not accepted And if you forced to do that you should be any relation about IT one way direction like military place it's NOT supported send and received choose TX or RX working one way just one way.
Love the illustration Mike Holcomb. Truly brings across the point even without reading the text.
Brief but sounds good. Would like to add IT- Confidentially, OT- Availability
Thanks for sharing this is a great explanation on the differences between IT and OT.
In IT, we worry about hackers. In ICS/OT, we worry about getting squashed! 😅 Let's protect both data and toes, one cyber step at a time. 🚀💻⚡️ #cybersecurity #safetyfirst #powerplay #hackersmeetphysics #data
Good read - Couldn't agree more! The unique challenges of OT security require a specialized approach. It's not just about protecting data; it's about safeguarding the operational technology that directly affects physical systems and human lives. Let's stay vigilant and proactive in addressing the evolving threats to our ICS/OT environments.
This is about the best write-up you’ll find on IT/ICS, especially to pass on to senior execs struggle to understand the complimentary and divergent aspect of how to structure the IT/OT relationship. https://www.byos.io/blog/industry-4.0-blog-3-hardening-the-ot-network
I have a few slides from a workshop I used to lead that I can share on OT/IT differences. I also have a bit controversial blog I never posted titled, “Why IT will fail OT every time?” But the side theme ended up being, “If you try to do OT without IT, you’ll be in even worse shape. I can post some of those slides if it would be useful to anyone.