#RSAC: Build Better Bridges Between OT and IT
Better bridges need to be built between IT and operational technology (OT).
Focusing on the successes in cybersecurity’s past, Matt Watchinski, vice-president of Cisco Talos, said that “we need to analyze success and failure, as without both sides, we don’t get the full picture.”
Speaking at RSA Conference 2019, Watchinski said that the cybersecurity industry has “released spectacular products,” built security in via a development lifecycle and created alliances among security companies to share information on what “the bad guys are doing and how we can counter it.”
Watchinski also said that we “learned to create better outcomes by asking better questions.” However, the introduction of interconnected devices (which have their unique threat profiles, run on IP and are connected to the IT security world) “changes how we look at the world.”
He added that the world is changing and “technologies we are creating are bleeding into the IT world and will eventually bleed into the OT world.”
He said: “This will change and challenge us to be better at what we do, and now we have to learn a new world of OT security and it’s very different to the world we’re in now.”
Also speaking was Liz Centoni, senior vice-president and general manager of Cisco's Internet of Things Business Group, who said that the gap between OT and IT needs to be closed, and better understanding is needed about who the OT team are and what they do.
“OT care about safety and not data loss, and what is going off the production line,” she said. “The OT world wants systems up and running.”
She acknowledged that different teams are measured on different things, and that drives decisions and everyone agrees visibility is important, but the “basics in OT go a long way; they are a means to get operational insight and to know what assets are in your environment.”
Centoni concluded by saying that the “next landscape looks very different” and encouraged delegates to adopt the “new world and be the bridge between IT and OT.”
Join Infosecurity’s Webinar on 2nd April, looking at the challenges of visibility in IT and OT environments, taking place at 3pm BST/10am EDT
Source: Information Security Magazine