Culture Conflict
This leads to the second issue standing in the way of cybersecurity: a culture conflict between the OT and IT environments.
"OT networks traditionally are managed by operators and engineers rather than someone with an IT or information security background," Ernst & Young notes in a recent cybersecurity technical report. "As these individuals are trained to focus on safety and operating efficiency, cybersecurity awareness is often secondary -- it is not linked to its role in maintaining safety and process-operation effectiveness."
"OT has a real focus on safety and availability. In IT it is confidentiality, integrity and availability," Phillippe says about this conflict of expertise. "IT hasn't necessarily had to deal with the safety focus before. When systems go down, they haven't had to deal with people potentially getting hurt." On the other side, as OT and IT converge, he says, OT engineers will have to incorporate the confidentiality and integrity principles into their work.
"I want to see more IT working with controls," says David Wang, chief technology officer at Beet Analytics Technology. "With internet penetrating factory floors for the first time ever, there is a new playground for IT to apply IT technology." The systems they develop can lead to new standards for industrial security and create a network that will keep wireless operations running smoothly, efficiently and safely. With industry-wide standards, he says, many of these issues could be resolved.
Should manufacturers focus on efficiency and communication or security and safety? With thoughtful, informed and above-all careful integration of wireless networks and devices into operations, experts say, the answer really can be, "Both."
