The Benefits of OT, IT Collaboration

The Benefits of OT, IT Collaboration

  • By Ryan Zatolokin
  • Aug 24, 2023

It is no secret: OT and IT are converging.

Physical security devices that were previously air gapped or standalone are now connected to a network, and with physical security devices more affordable than ever, the number of connected devices continues to grow. However, just because the technology itself is converging, that does not mean the human side of OT and IT are following suit.

Security cannot wait for anything, and in the meantime, organizations need a vendor provided device management platform to bridge the gap between OT and IT. Without proper management of devices, cybercriminals can take advantage of gaps in the network.

No matter the size of the organization or the attitude towards their network and the devices on it, a device management platform from the vendor will keep all the necessary ducks in their proverbial row.

With a device management system in place, both OT and IT employees can collaborate to keep firmware up to date, stay on top of necessary decommissioning and replacement, and most importantly, have visibility into all global locations. Without a device management system, you might not notice a device has gone offline until you need the data the device should have been recording.

Device management systems are also particularly critical as replacement strategies and can be configured to meet the various needs across organizations. For instance, some organizations replace a device as soon as the warranty is expired, which can account for up to 20% of their devices a year. On the other hand, some organizations simply never replace devices until they cease to function.

There is also the middle ground of replacing a device when it is no longer supported by firmware updates. In all these scenarios, the vendor-provided device management platform will serve as the reminder for replacement, regardless of what that replacement benchmark may be.

All About Attitude
While those of us in the security industry think about what it means to be utterly secure, not all organizations are security oriented, and even less have a balanced approach to both physical and virtual security.

Fewer organizations than you may think genuinely care about cybersecurity, and the “security” for an organization usually refers to the people hired to protect the physical space: picture the guy sitting in the room with all the camera feeds on display as opposed to the person responsible for the cameras producing those feeds.

Typically, security hires are not the actual IT staff responsible for configuring and maintaining the devices – they simply manage the systems with the dashboard that they are given. However, as IT has had to get more involved with every step of the device lifecycle, organizations are starting to slowly pay more attention to the potential cybersecurity issues, which means that OT and IT are on the same team.

OT and IT convergence on the human side has increased exponentially from even five years ago; a change driven in part by large organizations who have more to lose. This convergence has complicated things on multiple levels. For instance, when thinking about budget areas and responsibilities, clear divisions have become muddied. If an organization needs a new physical security system, but that system will require IT installation and maintenance, does the money for that system come out of an OT budget or an IT budget?

If one party “owns” the entire thing, does that mean the other party has no say in configuration? This results in a confusion not only about how the devices are initially configured, but also how they are maintained throughout their lifecycle. In essence, though an organization may be one big happy “family,” each family member may have different perceptions or attitudes about how things should be done.

A vendor-provided device management system can bring this “family” together by providing a simple, informative dash for OT while simultaneously helping IT with APIs, connected systems, and reports. Especially for large organizations, this system needs to be user friendly while still being able to manage complex IT infrastructure needs, which is a task daunting enough that many organizations have been postponing it.

This is no longer a task that can be sidestepped, though. At this point, organizations will be doing their employees a dangerous disservice by not giving them an effective way to collaborate. If all parts of an organization get in on the ground floor together, you will never have a situation where an employee is confused or playing catchup.

Organizations are more successful when IT is involved with physical security early, so that if there is ever a problem, they do not have to first understand the entire network before finding a solution. On the other side, if OT works alongside IT to get a network set up, then they can more easily define an issue as soon as it pops up rather than waiting for something disastrous to occur.

The Third Teammate: Device Management
A device management system not only facilitates the collaboration between OT and IT professionals and ensures the coherence and security of an organization's network regardless of whether the employee monitoring it is on their first day or later in their career. A device management system also acts as an impartial reminder for replacements, regardless of individual benchmarks between different departments.

The attitude of organizations toward security is a crucial factor that shapes the effectiveness of the partnership between OT and IT. Organizations should always be prioritizing security and making choices that lead to a system that secures physical sites, as well as virtual ones. This shared goal brings OT and IT onto the same team, blurring traditional boundaries and prompting collaboration.

While human factors may inevitably present challenges, a device management system serves as the critical link between these two worlds, allowing for effective collaboration and streamlined operations. In an era where the boundaries between physical and digital security are rapidly eroding, if they are not gone completely, organizations that embrace this convergence and empower their employees with the right tools will be better poised to navigate the challenges and opportunities that lie ahead.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3