Convergence of IT and OT – Cybersecurity Related Challenges and Best Practices

  IJCTT-book-cover
 
         
 
© 2021 by IJCTT Journal
Volume-69 Issue-2
Year of Publication : 2021
Authors : Prashant Tyagi
DOI :  10.14445/22312803/IJCTT-V69I2P113

How to Cite?

Prashant Tyagi, "Convergence of IT and OT – Cybersecurity Related Challenges and Best Practices," International Journal of Computer Trends and Technology, vol. 69, no. 2, pp. 85-92, 2021. Crossref, 10.14445/22312803/IJCTT-V69I2P113

Abstract
Over the past decade, Industries and Organizations, are increasingly embracing digital-first business strategy as they are reinventing their organizations, adopting and implementing newer technologies to help them succeed, gain a competitive advantage in an ever-changing business climate, increase the productivity of their employees, automate their processes and strive to provide a better and enriching customer experience. Digital Transformation initiatives in organizations and continuous automation of traditional manufacturing and industrial practices using smart modern technology have caused the blurring of boundaries between Operational Technology(OT) and Information technology(IT) and have catapulted organizations into the fourth Industrial Revolution (Industry 4.0). With this fusion of OT and IT, an organization’s mission-critical systems face unprecedented cybersecurity-related threats, as this has led to the expansion of the attack surface. The security landscape is ever-changing, and the risks associated with it are also constantly evolving. The work in this paper discusses the cybersecurity-related risks and challenges[1] arising out of this convergence of OT and IT and the best practices and strategies organizations can adopt on how they can protect the integrity and availability of their complex automation solutions and achieve industrial security with a comprehensive approach just beyond the network security. This paper also discusses how organizations can address their current security gaps through digital risk function(digital risk management) to minimize business disruption and financial losses.

Reference
[1] Prashant Tyagi., From Project Manager (PM) To “Technical” Project Manager (TPM) In the Journey to an Agile Organization International Journal of Engineering Trends and Technology11.1(2021):4-https://www.ijcotjournal.org/archive/ijcot-v11i1p302.
[2] IDG|ExecutiveResearchFirm|StateofDigitalTransofrmatin|2018|https://cdn2.hubspot.net/hubfs/1624046/Digital%20Business%20Executive%20Summary_FINAL.pdf.
[3] Cybersecurity & infrastructure Security Agency|National Cyber Awareness System|Alerts| NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems|https://us-cert.cisa.gov/ncas/alerts/aa20-205a
[4] StanGibson|TechTarget|IoTagenda|IT/OTConvergenceishardworkhere’swhyit’sworthit|https://internetofthingsagenda.techtarget.com/feature/IT-OT-convergence-is-hard-work-heres-why-its-worth-it
[5] GartnerGlossary|InformationTechnology| https://www.gartner.com/en/information-technology/glossary/operational-technology-ot
[6] OperationalTechnology|https://en.wikipedia.org/wiki/Operational_technology.
[7] Prashant Tyagi ., Diagnostic, Descriptive, Predictive and Prescriptive AnalyticswithGeospatialData., InternationalJournalof Computer TrendsandTechnology69.1(2021):1822.https://www.ijcttjournal.org/archives/ijctt-v69i1p104.
[8] Fortinet|WhatisOperationalTechnology(OT)|https://www.fortinet.com/solutions/industries/scada-industrial-control-systems/what-is-ot-security
[9] Vangie Beal|Home|Definitions|SCADA-Supervisory Control and Data Acquisition|https://www.webopedia.com/definitions/scada/
[10] TechTargetNetwork|What is distributed control systems(DCS)|https://whatis.techtarget.com/definition/distributed-control-system
[11] Prashant Tyagi, Sharada Devi P. P., A Functional View of Hybrid-Cloud Environment – Use Cases and Best Practices, Computer Science and Engineering, Vol. 11 No. 1, 2021, pp. 9-16. doi: 10.5923/j.computer.20211101.02|http://article.sapub.org/10.5923.j.computer.20211101.02.html
[12] TechTarget|IT/OT convergence is necessary, desirable but not so simple|Ehandbook|https://searchsecurity.techtarget.com/ehandbook/IT-OT-convergence-is-necessary-desirable-but-not-so-simple
[13] NTT|Optimized for agility embracing the hybrid future|https://hello.global.ntt/
[14] Ruchika Tyagi|Teceze|Digital innovation & Excellence| Cybersecurity .Challengesin2020andhowtotacklethem|https://www.teceze.com/cybersecurity-challenges-in-2020-and-how-to-tackle-them/
[15] MITRE|ATTACK|Home|Techniques|Enterprise|Phishing|Spearphishing Links|https://attack.mitre.org/versions/v7/techniques/T1566/002/
[16] MITRE|ATTACK|CommonlyUsedPort|https://collaborate.mitre.org/attackics/index.php/Technique/T885
[17] Computerweekly.com|Critical Infrastructure under relentless cyber attack|https://www.computerweekly.com/news/252461202/Critical-infrastructure-under-relentless-cyber-attack
[18] Computerweekly.com|Operational technology security improving, but attacksurfacecontinuestogrow|https://www.computerweekly.com/news/252464954/Operational-technology-security-improving-but-attack-surface-continues-to-grow
[19] December2015Ukraine PowerGridCyberAttack|https://en.wikipedia.org/wiki/December_2015_Ukraine_power_grid_cyberattack
[20] https://www.securitycompass.com/sdelements/
[21] RockwellAutomation|MES,AnalyticsandIIoT|https://www.rockwellautomation.com/en-us/products/software/factorytalk/innovationsuite.html

Keywords
Operational Technology(OT), Information Technology(IT), Industry 4.0, Industrial Revolution, Digital Transformation, Artificial Intelligence, Industrial Internet of Things(IIoT), Internet of Things(IoT), Robotics, Industrial practices, Genetic Engineering, Sensors, Hybrid Cloud, Deployment, Integration, On-Premises, Native Cloud, Architecture, Data, Modern Data Platform, Data Lake, Data Warehouse, Applications, Legacy Systems, Infrastructure, Resilient, reliable, Operationally Excellent, Performance Efficient, High Availability, Fault Tolerance, Scalable, Environments, Infrastructure, Systems, Applications AWS, Azure, Google, VMware, IBM, API, WAN, LAN