Updated August 15, 2022. Originally published November 12, 2021.
In the past, IT (information technology) and OT (operational technology) were operated, managed and maintained separately in organizations. However, as more traditional industries digitized and introduced more advanced technologies, the borders between the two worlds have blurred. Let’s examine the differences between OT and IT and understand how and when each is used.
IT is the computer software and hardware used for creating, managing, sharing and storing digital organizational data. This includes the management and maintenance of computing resources (on-premises or in the cloud), networks, databases, servers, computers, systems and zero trust components. Examples include email systems, CRMs, and more. As such, IT systems are usually connected to the internet.
IT infrastructure forms the backbone of the organization and is used by departments that rely on the flow of digital data, such as engineering, marketing, sales, finance, and human resources (HR). IT can be adjusted and programmed and is frequently updated to ensure relevance and security.
While IT refers to digital and electronic information, OT is the hardware and software used for managing, controlling and monitoring physical industrial devices and machines. It is used in physical production industries, like electricity, water, wastewater, oil and gas, manufacturing, and more.
OT networks consist of two layers:
The Operational Network – The PLCs (Programmable Logic Controllers), sensors, RTUs (remote terminal units) and actuators. These are the physical components used to monitor and control the equipment itself. They measure metrics like temperature, speed and kilowatts.
The Control Network – The SCADA (Supervisory Control and Data Acquisition) systems. This is the software used to aggregate and analyze the data from the OT network. It includes an HMI (Human-Machine Interface), which is the operational network’s UI.
In many factories and industrial organizations, the IT network serves as an additional technology layer on top of these operational and control networks.
Unlike IT, OT systems have traditionally been air-gapped and not connected to the public internet. As a result, in most cases only a few experts have had access to OT systems, and the systems are not frequently updated. Sometimes systems are in fact so old that updating or patching is not even technically possible. To enable external connections, factories often implement a VPN connection to the OT, which can be insecure and risky.
Digital transformation and technological advances like Industry 4.0 and the Internet of Things (IoT) have led to greater connections and alignment between IT and OT systems. Whereas the two types of systems were completely demarcated in the past, today they are converging, with IT systems being used increasingly to manage and monitor their OT counterparts.
This convergence has made these physical machines “smart,” which provides factories and companies with a variety of advantages, including:
Advanced monitoring, including alerts and real-time reports
Automation of processes
Simplified and accessible monitoring
Remote controlling through the public network
Implementation of AI and ML
Democratization of OT information to eliminate silos
Predictive maintenance to improve efficiency and reduce costs
Improved compliance
| | IT Systems | OT Systems | IT/OT Convergence |
|---|---|---|---|
| Purpose | Business data | Device and machine data | Machine monitoring via data flow |
| Components | Computer software and hardware | Industrial device software and hardware | Both + IoT devices |
| Users | Most enterprise departments | A small number of experts in factories | A small number of experts in factories |
| Accessibility | Public/private network | Usually a closed system with an insecure VPN connection | A closed system with entry points to the public network |
| Security | Frequent attacks based on a large attack surface | Large scale attacks based on a small attack surface or VPNs | Both |
In our next blog post, we will dive into the distinctive security challenges facing OT networks.
Author
Eran Shmuely is the Chief Architect and Co-Founder of Cyolo. Prior to Cyolo, Eran was the Senior Security Engineer at Salesforce and the Open-Source Security Research Leader at GE Digital.