What are the Components of Operational Technology?
Industrial control systems (ICS) are a main component of operational technology. ICS includes different types of devices, systems, controls, and networks that manage a variety of industrial processes. The most common are supervisory control and data acquisition (SCADA) systems and distributed control systems (DCS).
What is SCADA?
SCADA systems collect data from sensors, often at distributed sites and send it to a central computer that manages and controls the data. DCS are used to manage local controllers or devices of production systems in one location.
What are Industrial Internet of Things (IIOT) Devices?
The smallest components of operational technology are a diverse array of sensors, monitors, actuators, and other technologies that are deployed on or near OT equipment. This equipment is pervasive and includes generators, pipelines, fans, programmable logic controllers (PLC), remote processing units (RPU), industrial robots, etc. These sensors are examples of IIOT.
Operational technology (OT) is the use of hardware and software to monitor and control physical processes, devices, and infrastructure. Operational technology systems are found across a large range of asset-intensive sectors, performing a wide variety of tasks ranging from monitoring critical infrastructure (CI) to controlling robots on a manufacturing floor. OT is used in a variety of industries including manufacturing, oil and gas, electrical generation and distribution, aviation, maritime, rail, and utilities.
Gartner defines OT securityas, “Practices and technologies used to (a) protect people, assets, and information, (b) monitor and/or control physical devices, processes and events, and (c) initiate state changes to enterprise OT systems.” OT security solutions include a wide range of security technologies from next-generation firewalls (NGFWs) to security information and event management (SIEM) systems to identity access and management, and much more.
Traditionally, OT cyber security was not necessary because OT systems were not connected to the internet. As such, they were not exposed to outside threats. As digital innovation (DI) initiatives expanded and IT OT networks converged, organizations tended to bolt-on specific point solutions to address specific issues. These approaches to OT security resulted in a complex network where solutions could not share information and provide full visibility.
Often, IT and OT networks are kept separate, duplicating security efforts and eschewing transparency. These IT OT networks cannot track what is happening throughout the attack surface. Typically, OT networks report to the COO and IT networks report to the CIO, resulting in two network security teams each protecting half of the total network. This can make it difficult to identify the boundaries of the attack surface because these disparate teams do not know what is attached to their own network. In addition to being difficult to efficiently manage, OT IT networks contain huge gaps in security.