IT vs. OT security -- and how to get them to work together Understand the best IT/OT convergence strategies
Tip

5 benefits and challenges of IT/OT convergence

IT/OT convergence comes with many benefits but implementing a convergence strategy can be a challenging undertaking. Follow these tips to overcome common issues.

It's been a decade since Gartner accurately predicted the partnership between operational technology and information technology systems. Although the partnerships might have started on the factory floor, the idea of aligning previously siloed systems to share and use business intelligence more efficiently has spread to other industries as well. Healthcare and retailers have enjoyed the benefits of IT/OT convergence as they streamline their workflows, improve productivity and increase their bottom lines.

Yet, even with these benefits, organizations are still hesitant to implement IT/OT convergence. The two teams have such different approaches to security, data management and system availability, making it difficult for them to come together in a cohesive collaboration. The solution is to ensure that leadership understands the benefits of IT/OT convergence and highlights them to the organization. The positive effect convergence brings to both IT and OT is the key to bringing them together.

Why IT/OT convergence matters

"It's becoming table stakes to compete in any market," Jonathan Lang, research manager of worldwide IT/OT strategies at IDC, told IoT Agenda. Not only are industrial and manufacturing companies enjoying the benefits of this convergence, but the rest of the business world is starting to take notice. IoT devices are becoming smarter and are easier to manage today, making them a viable option for a wider range of organizations, businesses, industries and even cities and municipalities.

Any organization looking to deploy IoT devices while gaining new efficiency levels, building more responsive customer relationships and developing new business models must combine the OT and IT areas of their business. IT/OT convergence is a necessary step to achieving a tech-based future.

IT/OT convergence challenges and solutions

Benefits to IT/OT convergence

The general benefits to IT/OT convergence are cost, performance and productivity gains. It leads to optimizations and transformations across the organization, from operations to business.

1. Cost savings

Convergence helps organizations lower operating costs by optimizing resource utilization, energy, cooling and device management. There are fewer systems to procure and maintain by sharing infrastructure, and legacy infrastructure is replaced by more efficient systems. It can also lead to data center and real estate savings as single-function devices can be consolidated into integrated systems and free up valuable space.

2. Better performance

Combining IT and OT data means organizations can generate more accurate and meaningful KPIs. KPIs help drive efficiencies and higher performance across the organization, helping both teams pursue and achieve common goals. It increases visibility into both areas companywide, giving the rest of the organization a view into how technology helps achieve common objectives.

3. Improved flexibility

Access to real-time data and KPIs empowers organizations to react more quickly to market changes. They can change production timelines based on outside factors efficiently while still meeting business objectives. Convergence optimizes workflows and eliminates redundant ones, enabling the organization to operate more efficiently.

4. Increase operational standards

Some organizations use the IT/OT convergence project to bring longstanding IT best practices to their operational systems. For example, incorporating a patch management program to OT devices to ensure that they're operating with the latest firmware. Existing IT monitoring technologies can be extended to OT systems and devices, enabling real-time monitoring and centralized asset tracking. Multiple functions can be consolidated into one monitoring system or console for faster user experiences to streamline predictive maintenance tasks.

5. Enhanced security orchestration

Converged OT/IT systems can bridge the gap between cybersecurity and physical security for organizations with centralized monitoring systems and tools. That's because IT and OT systems have different security needs and capabilities that usually can't be met with one strategy or tool. IT/OT convergence projects increase OT security visibility across the organization and help IT teams incorporate existing systems into an overall cybersecurity strategy.

The challenges to successful IT/OT convergence

Now that we've seen the benefits of IT/OT convergence projects, it's time to look at the challenges and learn how to overcome them.

1. Different team perspectives

IT and OT teams have different perspectives, responsibilities and areas of concern, so it can be challenging to get them to work together on a convergence project. "There are two groups, two sets of technology and two groups of concerns," Sid Snitkin, vice president of cybersecurity services at the Arc Advisory Group, told IoT Agenda. IT teams are used to dealing with business data and executives and using the latest technology and practices. On the other hand, OT work is all about manufacturing and using systems or physical devices designed to last for decades.

Solution: Early cross-training for IT and OT teams can help create the collaborative environment needed to give visibility to each and create trust between them. They'll better understand the value each perspective brings and how they must work together to maintain it.

2. Device communication challenges

Many edge devices are only capable of one-way communication or may not have much computing power. For example, an industrial sensor may generate a stream of outbound data but cannot accept inbound traffic. Others may not use standard communication protocols and are therefore incompatible with existing IT networks. In these cases, IT/OT convergence will require extra work by both teams.

Solution: An IT asset inventory can help identify where additional infrastructure might be needed to facilitate communication from the OT devices, indicate which devices must be replaced with more modern equipment and ensure that everyone knows where gaps exist.

3. Scalability issues

Today's edge devices produce massive amounts of data. Unless the IT systems are prepared, the devices may overwhelm the infrastructure. IT teams may not have a complete picture of the number of edge devices in the fleet because of OT asset monitoring limitations and may be unprepared for the actual number.

Solution: Additional intermediary infrastructure or cloud services can help manage the data flow from OT devices to the IT network. A documented convergence strategy that includes a scalability section with current and future states can also guide the convergence team to ensure all use cases are covered. Mirroring assets and workflows with digital twins can help identify potential failure points without affecting the production environment.

4. Cybersecurity challenges

Trying to protect an integrated IT/OT network is a significant challenge, especially when using older OT devices. These devices were often manufactured with minimal consideration for security, making them an ideal target for criminals to launch an attack against the entire network. A single cybersecurity posture may not be enough to cover all the devices in a fleet.

Solution: Because OT devices tend to produce data packets with specific structures that don't change, IT infrastructure can be set up with smart filtering to detect and eliminate anomalous packets that may indicate an attack. Zero-trust authentication can also be deployed on the devices to protect their communications.

5. The faster evolution of IT

In the last decade, innovation has driven IT to move to more as-a-service models and cloud services. OT hasn't had the same opportunities for innovation because of its focus on mostly closed and operations-centric workflows and requirements. Edge devices tend to be less complex and powerful, so they can't meet the demands of more advanced IT systems.

Solution: Edge computing devices can use IT best practices to expand their capabilities into newer use cases. For example, by using cloud data aggregation services, organizations can gather and analyze data produced by older OT devices to simulate the real-time advanced analytics that happens on newer devices.

IT/OT convergence offers many benefits to organizations across all areas and teams. It can modernize any OT deployment, align it with current IT best practices and help organizations realize significant long-term benefits. These include improved productivity and performance, greater transparency into workflows across production and operations, reduced production costs and increased revenues.

Dig Deeper on Enterprise internet of things

CIO
Security
Networking
Data Center
Data Management
Close