There seems to be this constant game of tug-of-war between Information Technology (IT) and Operation Technology (OT) personnel in industrial settings. These individuals will often approach problems from different angles, and they don't always speak the same language. However, both functions are critical to a healthy operation and it's important for managers and other decision-makers to ensure that these two groups work both harmoniously and for the improvement of the company at large.
I contributed an article recently to Processing Magazine discussing this topic more comprehensively, but in general, there are three misconceptions that OT personnel have about the IT department.
1. Nobody Wants our Data
Just because you think your data isn't compelling or that it's nonconsequential for anyone else to have access to it, doesn't mean that you're not still at risk. Cyber ransom using ransomware is as prevalent as it's ever been. Also, important to keep in mind: there's more of it happening than you think. It's just not being reported because of what that does to a company's image.
2. Our Machines aren't on the Network
There is a substantial portion of OT professionals who think that if their systems are "air-gapped," then that should be sufficient. They mistakenly believe that if this is the case, there isn't a way in. However, this is simply not true. There are numerous incidents of viruses making their way into systems that were not connected to a network.
3. If the Machines are Run by PLCs, Were Safe
Similar to misconception #2, just because a machine is run by a PLC, that doesn't necessarily mean it's safe. Viruses can now make their way into systems whose machines are primarily run by PLCs.
The key comes down to communication and understanding. Both sides understand what they must do in their worlds but are sometimes lacking in that understanding of the other. What we've found is that the more OT and IT people communicate openly and work to mutually understand each other's challenges, the more effective, helpful solutions can be integrated.
Read the full article here: Cybersecurity: Understanding IT Needs from the OT Perspective