The State of Global Operational Technology 2022 – part 3
SCADAfence, the OT & IoT cybersecurity technology consultancy, conducted a survey on the current state of OT security, the negative consequence of the shortage of qualified workforce in the field, and the general level of risk organisations are currently facing.
In 2022 SCADAfence surveyed over 3500 OT and IT security experts all around the world. Most of them came from North America – 39%, followed by Europe with 26%, South America – with 18%, and 10% from Asia.
The last lot of three questions they asked belonged to the category
IT – OT Convergence
Operational technology existed a long time before the first computer was placed on the desk of a factory director. Then, for many years, the developing IT technology existed alongside the developing OT technology. Until recently, when it became obvious, that combining these two systems can provide enterprises with enhancing their competitive edge through more productivity, making the operational processes more cost efficient and flexible. This has happened spontaneously, as a result of technological evolution in both areas and the rise of the Industrial Internet of Things (IIoT) and related technologies have greatly impacted both the IT and OT domains. And in this process, the boundaries between these two are undeviating disappearing bit by bit.
The natural process of convergence of these two worlds made the enterprises gradually change how they approach the IT and OT systems and step in to aid the convergence process which is slowly but surely changing the very essence of manufacturing itself.
The convergence process comes with many challenges and risks for OT systems that by original design were not thought to be operating in an environment that is potentially open to third-party access with potentially malicious intents. As result, the inadequate security of some of the OT systems, especially the legacy ones, leaves them open to potential vulnerabilities and threat vectors.
This has been confirmed by a recent study by the Ponemon Institute which found that the inability to control security, safety, and privacy initiatives is seen as a barrier to IT-OT convergence.
The first question SCADAfence posed in this category was
Q1 – What is the level of IT-OT convergence in your organisation?
51% of the experts replied that their organisations had completed the convergence process.
Whereas 31% said that the IT-OT convergence is being discussed.
Only 17% said responded that the IT-OT convergence is not happening in their organisation.
The second question SCADAdence asked its respondents was
Q2 – What are the most important factors in ensuring a successful IT-OT convergence process?
50% of the answers were that it is the communication between the IT and OT teams that is the biggest factor for successful convergence
This was followed by two equal pools of 21% of answers, one saying that it is the involvement of leadership that is critical to a successful convergence, and the other stating defining team roles as the most important factor.
The smallest group of 8% of respondents thought that providing the right tools is a detrimental factor.
The last, third question was
Q3 – Who would take responsibility for a cyberattack on OT systems?
84% of respondents believed that the CISO should take the responsibility for a cyberattack on OT systems.
And only 16% believed the responsibility falls on the OT team.