Learning Objectives:
- Discover what digital safety is and why it’s important
- Learn how to determine who’s responsible for digital safety and ways to secure buy-in
- Acquire methods to gain a baseline of understanding for digital safety and cybersecurity within your organization
- Explore conflicting perspectives that can get in the way of executing digital safety protocols
Lines of delineation between information technology (IT) and operational technology (OT) have historically been siloed and separate. However, with convergence between the two and the advent of Industry 4.0 and 5.0, the need for common understanding and processes relating to digital safety and cybersecurity is crucial.
By understanding the dynamics — including people, processes, technologies, solutions, roles and procedures — from both an IT and OT perspective, you can create more effective and robust cybersecurity to help prevent threats, said Jim Cook, COO of Velta Technology.
On Oct. 18, 2022, CFE Media and Technology will offer a Virtual Training Week course called “Working Together for ICS Digital Safety and Cybersecurity: Perspectives and Insights from an ex-IT Guy,” featuring Cook as speaker. At this event, you can learn from a former chief information officer (CIO) of a global organization who is now helping companies address OT security risks. The course, which will be available for one year, also offers a professional development hour (PDH) credit.
Creating digital safety
Why does the divide between IT and OT seem so difficult at times to address? Cook said the priorities and lifecycle of each group are completely different. OT is focused on physical outcomes: safety, production efficiency and process integrity. IT is focused on digital outcomes: confidentiality, integrity and availability. As a result, what works for IT doesn’t always work in an OT environment. For example, scanning and patching are standard operating procedure for IT departments, but they can be a hinderance for OT, causing downtime and safety issues. There’s also an issue of technology.
“IT wants the latest tech. ‘Let’s get the latest version. Let’s get the latest firmware,’” Cook said. “The lifecycle — if you’ve got a PC that’s three to five years old, it’s time to turn it. Windows is changing. There’s a new version. On the OT side, we’ve got equipment that we’ve been running for 15 to 20 years. If we’ve got equipment that we put in five or 10 years ago, we’re expecting to get another 10 to 15 years out of it.”
One of the ways Cook suggests organizations can begin to heal this divide is to focus on what he calls digital safety, as opposed to cybersecurity. While IT’s focus is security, OT’s is safety, so this will better speak to their priorities. Still, digital safety and cybersecurity are more complicated than ever in the modern environment, thanks to emerging technologies, increased risk factors, ease of attacks and IT/OT convergence.
To learn more of Cook’s strategies for moving forward and tips for creating cross-discipline teamwork, check out the Virtual Training Week course on Oct. 18.
Do you have experience and expertise with the topics mentioned in this article? You should consider contributing content to our CFE Media editorial team and getting the recognition you and your company deserve. Click here to start this process.
