Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Data Breach
  • Not IT vs OT, but IT and OT
  • Data Breach
  • Vulnerabilities

Not IT vs OT, but IT and OT

4 years ago Dean Ferrando
Not IT vs OT, but IT and OT

IT environments have always been considered the forefront when it comes to cybersecurity, and OT environments have been the forefront when it comes to physical security.

As more and more cyber threats are taking place, and with an increasing number recently focused on OT environments, everyone seems to be concerned with how to upscale and secure their OT estates in terms of cybersecurity. However, rather than saying that OT dominions are the only ones that need to be upgraded, perhaps it is a good time to also review their IT holdings and look towards OT in terms of upscaling their physical environment and protecting the devices in scope.

OT environments have always focused on protecting physical entities such as walls, gates, doors, keys, and network hardware. To some extent, many have not even been protected with basic effective username and password authentication security. Although this has historically been a good enough practice, with newer communication methodologies being introduced to make remote management and vendor access easier, this has now opened up a whole bunch of new cyber threats. The OT world is now looking towards the IT world for help.

A World of IT and OT

IT environments have taken a different route. Rather than focusing on 100% protection of physical appliances, they have chosen to reduce the physical focal point in favor of keeping things simple and flexible. The new spotlight is to secure the non-tangible elements of permissions to data and communication access. Historically, this has been a feasible methodology, but with the recent breaches of well-known hardware manufacturers providing backdoor access to data, this has now opened up a new threat angle. The IT professionals should look towards the OT world for help.

Imagine a world where we could have the best of both OT and IT security merged into one methodology where we could have all environments protected 100% both physically and virtually. Imagine how hard it would be for any malicious organization to have to surpass both the physical environment in terms of navigating through truly segmented networks, layer 3 firewalls, reduced port access, and limited physical access to certain devices, coupled with multi layered walls, gates, doors, and other access points, only to find that all of the devices they finally get to are also truly secured with a very high level cybersecurity protection such as advanced encryption, intruder detection capabilities, file integrity monitoring, log capturing and alerting capabilities, vulnerability management, and consistent patch management. 

Rather than trying to compare which security methodology is better and how we need to bring one up to the other, why not combine the best of both worlds into one global security policy that could work for both the IT and OT estates? Physical security is as important as cybersecurity, and cybersecurity is as important as physical security; the two should not been seen as mutually exclusive but rather as complementary to one another. The only challenge we are seeing in the marketplace today to make this dream a reality is for both environments to find a common language that is understood by all.

The post ” Not IT vs OT, but IT and OT” appeared first on TripWire

Source:TripWire – Dean Ferrando

Tags: Goverment, High Severity, TripWire

Continue Reading

Previous Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations
Next Securing Smart Cities: What You Need to Know

More Stories

  • Cyber Attacks
  • Data Breach

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

4 hours ago [email protected] (The Hacker News)
  • Vulnerabilities

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

7 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

12 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Vulnerabilities

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

1 day ago [email protected] (The Hacker News)
  • Vulnerabilities

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks

1 day ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

2 days ago [email protected] (The Hacker News)

Recent Posts

  • Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
  • TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
  • Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
  • AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
  • We Are At War

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT