IT/OT Convergence, a SANS Focus

Wednesday, October 11, 2017 @ 01:10 PM gHale


By Gregory Hale
With the Industrial Internet of Things (IIoT) just around the corner, that means IT/OT convergence needs to occur, the question remains on just what a manufacturer needs to do to come to grips with this vital area.

“We have started this journey a few years ago and it is really picking up steam now,” said Mike Assante, director of industrials and infrastructure at SANS Institute, during a joint podcast with the ARC Advisory Group.

RELATED STORIES
ARC-SANS: Security Education for Industry
ICSJWG: Putting Numbers Behind Risk
ICSJWG: Change in Security Approach Needed
Power Grid Compromise

“Most business strategies really rely on the digital transformation that needs to occur. I like to say the three Cs, concentration, convergence, combined with connectivity, really require the three Ps that is process, planning and people,” Assante said during the podcast. “If you think about it, everyone should begin with the realization they have to recalculate how they think about and look at risk. That should provide them the understanding to drive a new strategic planning effort with their partners.”

One way to tackle that problem is to look at people, which can be the greatest asset for a security solution or the biggest issue.

Users need to “understand who is responsible for what, what their capabilities are and what competencies they need to possess,” Assante said.

Along those lines, SANS will conduct an industry workshop Feb. 11 at the ARC Industry Forum in Orlando, FL, to help.

“No one should be doing this alone as we are working … helping people to lay the foundation for that strategic plan and hopefully preempt some of the challenges you will come across along the way,” Assante said.

Last year was a big year for cybersecurity at the ARC Advisory Group Forum and the 2018 version will increase that much more.

“Last year we had 16 cybersecurity vendors presenting,” said Mark Luciw, director of strategic services at ARC. “We are expanding our coverage this year in terms of IIoT, building security, infrastructure, as well as smart cities. We are taking the focus from the plant issues that deal with cybersecurity in the OT world, but we are also talking about the IT/OT convergence so it focuses to the CISOs and that is why we are collaborating with SANS.”

As Assante said, there will be a IT/OT focused workshop Feb. 11 at 4 p.m., then on Feb. 12, it will be a cybersecurity Monday with several focused workshops in addition to other security sessions through Feb. 15.

In addition, the cybersecurity conversation will continue March 19-20 at the SANS Summit in Orlando, FL.



Leave a Reply

You must be logged in to post a comment.