OT Security: Security for Operational Technology

No industrial production without Operational Technology (OT). But OT plays by its own rules: OT security poses a particular challenge for IT security managers. This is because separate standards and protocols are often used to network classic manufacturing systems with digital control components. Our topic page guides you through the jungle of OT security and summarises the relevant offerings at it-sa 365.

default Stage Background
Robot arm with industrial employee

OT Security: Security for Operational Technology

No industrial production without Operational Technology (OT). But OT plays by its own rules: OT security poses a particular challenge for IT security managers. This is because separate standards and protocols are often used to network classic manufacturing systems with digital control components. Our topic page guides you through the jungle of OT security and summarises the relevant offerings at it-sa 365.

Special challenges

south_east

Measures & fitting providers

south_east

Relevant sectors

south_east

Why OT security has its own rules

  • Production is the basis of the economy: everyday goods are just as much the result of industrial production as machines or cars. However, operational technology also poses specific requirements in the area of critical infrastructures.
  • Different technical conditions prevail in the field of OT, posing particular challenges for cybersecurity.
  • The interaction of analogue systems and digital components leads to a convergence that has produced its own standards and protocols.
visibility
Steer, monitor, regulate Manufacturing systems and digital technology come together in the context of industrial production. Controlling, monitoring and regulating physical processes are at the centre of this, for which specific protocols exist. The term Operational Technology (OT) has become established for this, which describes the use of hardware and software to control production systems.
school
Terms from the OT world IT components are usually combined with mechanical and electronic parts using special IT modules that are equipped with special interfaces and components - Industrial Control Systems (ICS). Instead of OT, however, the term operating technology or cyber-physical systems is also used, as well as the term Supervisory Control and Data Acquisition (SCADA).
bolt
Critical Infrastructure inconceivable without OT The areas of application are very diverse and range from the control of robots in a factory plant to oil refineries, power plants, shipyards or transport and utility companies. The processes and workflows are correspondingly diverse. Industrial control systems can be found in a variety of manufacturing-intensive sectors, especially in critical infrastructure (CNI or KRITIS in German).
it-sa 365 | IT Security Update

We need your approval.

This content is provided by Youtube. By enabling this content, your personal data may be processed by the vendor and cookies may be set.

Security considerations with IT/OT Convergence

Typical methods - how OT systems can be protected

Specialised software systems are often used to protect OT systems from attacks. This also includes intrusion detection systems (IDS). An important measure is adaptive network segmentation, often combined with micro-segmentation. Customised patch management is also part of the OT security repertoire. Numerous providers have now specialised in this area.

Watch the video to find out all the key challenges and solutions for a successful OT security strategy. 

 

More presentations on the topic of OT security

Matching providers on the topic of OT Security

Manufacturer
Fortinet GmbH
Supplier
SoSafe GmbH
Bosch CyberCompare
Search for more companies
Factory hall with robots of an assembly line

Special challenges for security in the OT segment

Production systems that very often run around the clock and cannot be switched off easily, systems with long service lives of often several decades that are not state of the art are just two examples of the particular challenges for security in the OT segment.

Special hardware components, proprietary protocols and specialised software usually prevent the use of traditional security products in OT and require other solutions, which were also presented at it-sa Expo&Congress 2023.

To the article: Solutions for OT security

More articles on the topic of OT Security

Emergency stop switch on a machine
4/2/2024
Production downtimes after cyber attacks: Vulnerabilities in OT security cause problems

IT-based industrial control systems (ICS) dominate production. They are not classified as IT, but...
Robot arm with industrial employee
12/13/2023
Security deficiencies in the OT sector: 78 percent want to increase security budgets

The fear of security incidents among OT operators is growing. They often have major security defi...
Factory hall with robots of an assembly line
12/13/2023
New approaches to OT security: solutions for special requirements

Operational technology is often a blind spot for IT security departments. New security solutions ...
10/31/2023
Hacking attack on Marc O'Polo - what you can learn from it

In 2019, a hacker attack paralysed the fashion company Marc O'Polo. Dr Patric Spethmann, COO and ...
Surprise Critis Roof Law
9/18/2023
KRITIS-Dachgesetz (CER law) aims to improve security - and throws up surprises

The Federal Office of Civil Protection and Disaster Assistance and the Federal Office for Informa...

Expert knowledge in lecture form

Further actions on the topic live and on demand

Would you like to stay informed about the latest findings and trends in the field of OT security? Are you looking for an opportunity to expand your expert knowledge? IT security experts share their expertise with you in interactive live formats. Take the opportunity to ask your questions directly. Afterwards, all presentations are available on demand. Regardless of whether you want to watch a specific presentation again or catch up on a presentation you missed.

Register as an it-sa 365 user and gain access to our extensive knowledge hub!
Register now for free!

OT security is important for these industries

OT technology can be found in many different sectors of the economy, which have completely different processes and use different machines and systems. Examples include the following:
  • Industrial production
    Everyday products are usually fully automated or at least partially automated. This applies, for example, to robots and assembly lines in the automotive sector, for machine tool manufacturers, but also for packaging manufacturers and printing machines. The production facilities are often very large and fill factory halls.
  • SMEs
    Manufacturing here includes special products, contract manufacturing for individual customers or small series. The systems used are usually small to medium-sized, often older and sometimes less networked. There is often a lack of specialised personnel with IT expertise for ICS or SCADA systems.
  • Start-ups
    These young companies mostly enter the market with creative ideas and niche production. Self-built devices, outsourced production areas, frequently changing systems and the use of 3D printers characterise this sector. If OT is used, it is usually only for the development and production of prototypes. OT security issues are rarely considered.
  • Healthcare
    The healthcare sector includes not only hospitals and clinics, but also doctors' surgeries, pharmacies and laboratories. Complex, highly specialised systems such as X-ray machines, MRI scanners or haematology equipment for analysing blood samples are used almost exclusively. From the outside, the systems often form a black box that cannot be tampered with. This makes security measures more difficult. At the same time, health data that is considered particularly worthy of protection is often processed.
  • Energy and water supplier
    Many of these companies belong to the critical infrastructure. Almost all of them are central to supplying the population. One of the special features is that there are both private and municipal suppliers. The systems are often scattered over large areas, are often outdated and come from different manufacturers. The strong regulation of the CNI/KRITIS sector has generally significantly increased the level of security.
  • Chemicals, pharmaceuticals, food
    Sensitive raw materials, which are often not harmless but can still be vital, characterise these industries. Characteristics include production under special hygienic conditions with automatic centrifuges and filling systems. Often the smallest quantities and ultra-pure processes are involved. Even the smallest deviations can have dramatic consequences.
Networking

You are not yet a registered user of it-sa 365?

The it-sa 365 platform is available to you as a digital HOME OF IT SECURITY all year round. As a registered participant, you can use the platform free of charge and have the opportunity to network with experts and enter into direct dialogue 365 days a year. You can participate in the IT Security Talks and other events & actions at it-sa 365 free of charge. We will also keep you up to date with news about our digital programme and the it-sa Expo&Congress on site in Nuremberg.

We look forward to you joining the it-sa 365 community!

Register now for free!

More topics

Awareness Cloud Security Critical infrastructures (CI) Hacking & Defence