SecurityMatters is now part of Forescout
SecurityMatters is now part of 

Never miss an update! Subscribe to our blog.

published on May 9, 2017

5 Tips to Improve IT/OT Alignment

Getting IT and OT to work together seamlessly can present challenges. Here are a few tips to help you move one step closer towards achieving this goal.

5 Tips to Improve IT/OT Alignment

Until recently, the separation between IT (Information Technology) and OT (Operational Technology) was clear, and the two functions operated independently in their respective areas. However, the race towards the Industrial Internet of Things (IIoT) / Industry 4.0 has increased the adoption of IT technologies in OT networks, which has initiated a convergence between these two functions.

While this technological shift has brought tremendous benefits to control systems, it has also created an unprecedented interdependence of the IT and OT functions, creating a need for their alignment. The deep “cultural” differences between the two, combined with the strong desire of both teams to contribute to the cause, often leads to conflict and a lack of cooperation. However, to preserve both the security and operational resilience of OT networks, it is fundamental to have IT and OT work together.

There are ways that you can manage this conflict and achieve a good working relationship between IT and OT.

Here are 5 Tips to Enhance IT/OT Alignment:

1. Clearly communicate common goals

To align the IT and OT teams within your organization, it’s important to first recognize what your long-term goals are, so both functions have a clear picture of the company’s overall objective. For example, a goal of critical infrastructure and manufacturing companies could be to implement minimal security measures to make cyber intrusions to the OT network more difficult, without jeopardizing device and process operation. Once goals are set and clearly communicated, you can move towards creating a structure to achieve these goals.

2. Create an IT/OT roadmap

To build a structure for the joint IT/OT team, members should collaborate to create a short-term and a long-term outline of when and how IT and OT should overlap. Defining which function will manage the control systems, operate any security software, interact with external parties (e.g. contractors, vendors) and dictate the control systems budget will facilitate dialogue and help to achieve real improvements in the overall operation of the team.

3. Define IT vs. OT roles

Once you have decided on the structure your organization will utilize, you can begin to more clearly define each side’s role in the process. OT should support the physical value creation and manufacturing process, including the devices, sensors and software necessary to control and monitor the plant and equipment, and IT should combine all necessary technologies for information processing. It’s essential that both sides understand the importance, capabilities and needs of the other to effectively underscore the value of both functions.

4. Conduct cross-training

Part of successfully aligning IT and OT is to conduct cross-training to give each side perspective into what the other does. IT should understand the different role that OT plays to better recognize what their needs are, and vice-versa. The purpose of doing this is to provide both groups with information, resources and a foundation on which to build a good working relationship that will further your long-term goals.

5. Empower each team with the appropriate tools

If IT must be responsible for the overall security of the OT network, they need to have visibility into the assets and communications behind the OT industrial firewall. This will allow them to perform the required threat analysis and cyber risk management and to define the best strategy for protecting the network. Employing the right visibility tool can also bring benefits to OT, as it can identify process inefficiencies and perform predictive maintenance on assets. Having both teams select and approve a tool that brings mutual benefits will increase individual satisfaction and team cohesion.

Although every organization operates differently, putting some of these general tips into action will put your organization one step closer towards achieving IT/OT alignment.

SecurityMatters NIST Framework e-book

Join the conversation