So said Samresh Ramjith, chief solution and marketing officer at Dimension Data Security Solutions MEA, speaking at ITWeb Security Summit 2015, in Midrand, yesterday.
OT supports physical value creation and manufacturing processes. It comprises devices, sensors and software necessary to control and monitor plant and equipment.
According to Ramjith, the worlds of IT and OT are converging, and this creates "huge" security challenges when data is exchanged across these converging points.
This widespread interconnectivity has created an environment in which IT and operational systems are increasingly vulnerable to cyber threats, said Ramjith.
Ramjith noted most businesses have processes for ensuring the operating systems for IT tools are up to date, but few apply the same care to patching OT.
Updating software on OT systems usually presents considerable challenges, because, in many industries, systems are outdated and may run outdated operating systems that cannot be fixed, he added.
Also, there is encryption limitation – most of the devices on the OT systems are physically incapable of running encryption. They do not have the memory or processing power to run encryption, leaving them vulnerable to cyber criminals, said Ramjith.
"Because industries already have networks which they are still struggling to secure, application vulnerabilities and weaknesses they are battling with, as well as the mobile and cloud environment, which is equally insecure, the advent of IOT has worsened these challenges."
An integrated strategic approach is needed to balance the security objectives related to information and operational technologies, said Ramjith. There is a need to effectively communicate between IT and OT software and systems to create real value from IOT implementations, he added.
Companies should also apply good risk management principles, de-identify data and test security measures before launch, concluded Ramjith.
Our comments policy does not allow anonymous postings. Read the policy here