H Rings

A nice happy marriage: The IT/OT relationship

Sept. 28, 2022
How convergence is changing security and strategy and data usage.

By Chris McNamara, Smart Industry editor in chief

We’ve been talking about struggling with converging IT and OT for so long, you might think this was a troubled celebrity marriage. And while there are certainly challenges that persist on the convergence front, the two sides of the industrial house are aligning to greater degrees every day, as OT staffs recognize the increasing ease and booming value in connecting their assets to wider networks, and IT staffs better understand how to harmonize with their more asset-connected industrial counterparts.

It’s a nice, happy marriage, when both partners decide to play nice. So where are we at with IT/OT convergence, currently? There are plenty of front runners setting examples of how to do it properly. And there are still laggards whose machines are closed off, isolated, uncommunicative. (Sounds like language from a marriage-counseling session, no?)

It might appear that IT is taking control of OT in many industrial settings, but while it is certainly true that the digital side is gaining greater access and steering more decisions than in the past, the assets at play in any smart setup will always be central to success. Likewise, OT personnel still hold tremendous value with their knowledge and experience, which complements insights from IT programs, and their ability to implement digitalization programs, which always require human input, regardless of the level of automation involved. People run programs.

So let’s take a pulse check, focusing on a few central elements of IT/OT convergence.

How convergence is changing security and strategy...

Even the most vocal supporters of smart, connected approaches in the industrial space must admit that

the connectivity that enables enhanced productivity also opens up new vulnerabilities. That’s a fact of life in modern manufacturingthe price we pay to work smarter. But the price can be mitigated. “As IT and OT environments converge more of the organization becomes digitally connected and further research is pursued to identify insecure designs and exploitable weaknesses—attackers push forward  and don’t sit still,” said Christina Hoefer, vice president, global industrial enterprise with Forescout. “Even worse, it often seems that threat actors have better visibility into the vulnerable devices on a network than the organizations that own and operate them.”

Scary. And oftentimes true. Nefarious parties often have a greater understanding of an enterprise’s network architecture than workers do, and exploit that knowledge whenever they can. The solution is a comprehensive, strategic approach to securing connecting OT elements within a digitalization program.

Simple, right?

“The first step to any effective OT-security program is building alignment between executives, business leaders, IT and operations,” explained Enrique Martinez, technical solutions architect—OT security, with  World Wide Technology. And that alignment among stakeholders informs shifting strategies and priorities.

While this changes rapidly in our fast-evolving industrial environment, IT and OT environments have, historically, been managed by different teams with different priorities. Likewise, many traditional OT systems were developed decades ago, and require legacy operating systems that are no longer supported. This leaves many OT environments vulnerable to threats and, frankly, unappealing to younger workforces with IT baked into their mental processes. That inhibits updates, limits security and stymies attracting new talent.

How convergence is changing data usage...

While automation and data collection have increased in the operational technology field, OT has lagged in converting that data into insights and putting it to use. Example: implementing machine-learning programs to harness the full scope of data.

Sensible factors limit these capabilities. As Jeffrey Ricker, CEO of Hivecell said, the divide between IT and OT environments exists for good reason—in order to keep operational technology secure there needs to be a gap between the two. “However, there is tremendous room for growth in how data is utilized in OT environments, and we are just beginning to see the tip of the iceberg.”

Exactly what is below the waterline of that iceberg? Sensors, for one, which can and regularly are installed on every piece of equipment within a facility, sending a constant stream of data to be monitored and assessed. “But a lot of this data is going unused or underutilized. Everyone underestimated how much IoT data there is being generated,” added Ricker, who notes the example of a vibration sensor on a dynamo running at 1000 Hz; while this one piece of data is easily processed and sent to the cloud, there may be hundreds of these in a single factory, all monitoring one data point.

“Organizations are in need of methods for processing data coming from large IoT networks on site. This is where edge computing provides the platform on which machine learning and large data management can begin to make real time impacts in OT environments,” noted Ricker. “By keeping data processing on site, edge networks are able to take those thousands of data points and process them in real time, only uploading the business-relevant data to the cloud. This requires another layer of compute on the factory floor.”

And it requires true convergence between teams. “There is an understandable hesitancy to adopting greater connectivity and large-scale automation for those on the factory floor. Increased connectivity comes with an increased risk of cyber-attack and professionals used to working without added levels to their IoT commonly are concerned about losing control over their systems. This is understandable.”

And this can be overcome. By simplifying the implementation of edge computing in these environments, organizations can upgrade OT environments and employ machine-learning options without the hurdle of hiring specialized and hard-to-find—think costly—IT/OT specialists.

“While IT has benefitted for years from centralized data and big-data processing, OT is still playing catch up,” Ricker summarized. “The hinderances to OT development in this area are based in practical concerns of how to process so much data in real time while maintaining cybersecurity and preventing disruptions to operations. By utilizing edge computing in concert with cloud systems and existing knowledge from controllers and engineers, organizations can begin to apply machine-learning models and increase efficiency, reliability and autonomy.”

Autonomy via convergence. It seems like a bit of an oxymoron, but then, circling back to that marriage analogy, the best personal relationships are often comprised of highly independent individuals. The best marriages, as any counselor will tell you, require patience and communication, commitment to the betterment of both parties and an agreement to compromise for the greater good.

IT/OT convergence follows these matrimonial pillars, and many of the professionals in both camps might spend more time with their converged coworkers than they do with their spouses, an arrangement that—in many cases—likely benefits both relationships.