Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

Can I Use the Same Security Tools on My IT and OT?

You can quit worrying about IT tools in the OT environment.

Sean Tufts, Managing Partner for Critical Infrastructure, Optiv

August 10, 2020

2 Min Read
(Image: viperagp via Adobe Stock)

Question: Can I use the same security tools on my IT and OT?

Sean Tufts, practice director, product security, ICS and IoT, Optiv: You can absolutely leverage information technology and operational technology (IT/OT) tools in either environment. My soapbox: The worst thing the cybersecurity industry did was pretend it involves anything more than great IT fundamentals. I'm seeing OT walk down this same path. The most important factor in security tooling is culture.

Ask yourself:

Does this tool fit my project? Many people are rushing into the Internet of Things (IoT) market for visibility, but they need deep packet inspection for OT protocols. The culture of the code base can be mismatched, which leads to overspending. It’s the same thing with network monitoring. People buy on promise without seeing how the technology scales into OT. One great use case does not make a tool.

Does this tool fit my corporate culture? The best example here is whether staffing is required to run it. I had a client spend a year baking off products and bought the "cool" brand with all the bells and whistles, but it had zero plan to onboard the technology. Three months later the tool was shelfware.

Does its code base match my operating sensitives? You can use any IT tool in OT as long as it "fails open" and has redundancy. Don't think you can pivot a tool outside its skill set. For example, don’t expect to push a cloud client into an on-prem solution. If it feels unnatural, it is.

Overall, quit worrying about IT tools in the OT environment. The OT networks are historically terrible. We need to embrace both new capabilities and organizations trying to help.

Related Content:

 

About the Author

Sean Tufts

Managing Partner for Critical Infrastructure, Optiv

Sean Tufts is a former NFL linebacker turned cybersecurity leader with more than 10 years of cyber experience and 15 years of ICS experience. As the managing partner for critical infrastructure at Optiv, he heads a business unit responsible for identifying, modernizing and securing critical infrastructure clients' most vital business functions and operational assets. Optiv's IoT/OT team delivers strategic end-to-end security expertise, underscored by Sean’s hands-on knowledge of cybersecurity best practices for industrial and critical settings, including energy, oil and gas, and healthcare. Prior to Optiv, Sean had a hand in developing more than 3,500 MW of wind energy farms for a private EPC. His operations experience allowed for a smooth transition over to General Electric in 2015, where he joined the recently acquired Wurldtech Cybersecurity team. In this role, Sean embedded cybersecurity programs into the rotating machinery controls for GE Power, GE O&G (BakerHughes) and GE Renewables.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights