Operational Technology VS Information Technology

Presentation transcript:

Operational Technology VS Information Technology
Wednesday, August 9, 2017
Terrell Brown, IT Supervisor, Greensboro Water Resources Department

What is OT & IT?
OT: Operational Technology
- Includes SCADA, DCS, PCS, etc. (supervisory control and data acquisition, distributed control systems, process control systems)
- Generally covered by ICS (Industrial Control Systems)
IT: Information Technology
- IP networks (Internet Protocol)
- Active Directory and other credentialing systems
- Switches, routers, bridges, servers, workstations

A Brief History
- Operational technology systems and information technology systems were traditionally separated.
- OT networks are administered by electronics technicians, electricians, maintenance staff, and other industrial control professionals.
- IT networks are administered by network administrators and other computer professionals.
- This is still very much the case, but many of these systems are integrating, bringing IT staff and OT staff closer together.

Operational Technology
Consists of:
- Sensors, gauges, meters, pumps, valves, alarms, etc.
- Controllers (PLCs, RTUs)
- Human Machine Interfaces (HMI)
- Servers
- Networks (various protocols)
- Database and reporting systems

Information Technology
Consists of:
- IP-based networks (LAN/WAN)
- Workstations, servers
- Switches, routers, etc.
- Databases
- Reporting systems
- Wireless connectivity
- Software development
- Maintenance of hardware and software
- Security (antivirus, logging, threat monitoring and analysis)

Where They Overlap
Consists of:
- Networks (IP most common)
- Computers (workstations/servers)
- Switches, routers, etc.
- Databases
- Reporting systems
- Wireless connectivity
- Software development
- Maintenance of hardware and software
- Security (antivirus, logging, threat monitoring and analysis)

World Wide Web of Danger
- As more and more ICS users integrate new technology, such as IP cameras, workstations, computers and other equipment that uses or requires an IP-based network, the vulnerabilities increase dramatically.
- Some ICS networks have a requirement to push data over a corporate network in order to assist in higher-level reporting, maintenance, or monitoring. In some cases, remote control is being implemented, particularly over corporate networks and the internet.
- These trends require the use of appropriate network switches, routers, and firewalls to “make up” for the loss of ICS air gaps.

Air Gaps Gain Bridges
- Air gaps are becoming increasingly troublesome as demand for data and control across multi-facility networks increases.
- With the advent of routing/switching/firewall technology, as well as dedicated wireless machine-to-machine networks, comes greater access to ICS networks, which is great for productivity and bad for security.
- What used to require physical access to a facility may now be possible from anywhere in the world. If there is a network connection, then there is no longer an air gap protecting your ICS network.

Data, Applications, and Administration
- Another area of concern as industrial control systems become more integrated into IT is support for computers, servers, databases and even custom application development.
- There is a need for the IT group to consult the OT group in order to help provide resources.
- This is not merely a collision of “old school” vs “new school” but a difference between purpose-built networks and multipurpose networks.
- The two different cultures of technology that evolved in parallel now need to interact with each other.
- Typically the IT side dominates the design and infrastructure because that is what most OT systems now operate on, for reasons of cost, support, and familiarity.

We All Need Help From Time to Time
- Network Engineers and Administrators: Help design, set up, protect, and maintain your networks, which all devices will be capable of using. They would maintain Active Directory or similar user/device management systems, storage area networks, server administration, etc.
- Database Administrators: Set up, maintain, and protect the database systems that collect your control system data, and develop or assist in developing reports and data views for other applications. Examples would include Microsoft SQL Server, Oracle, MySQL, etc.
- Application/Software Developers: Create custom software for workstation, server, web, or mobile use. This can be control, analysis, data entry, or monitoring software.
- Cyber Security Experts: Charged with securing your network, analyzing security vulnerabilities, and establishing a threat assessment that should provide a roadmap for securing your network from being compromised, from outside or inside.
- Helpdesk and Computer Technicians: Assist in specifying computers, setting up computer equipment, and providing appropriate technical support for issues.
- ICS Subject Matter Experts already working on the IT side: An ICS expert who works in IT can greatly assist in bridging the language and trust gap between OT and IT.

Consider Your Differences
- Realize that IT is non-deterministic, as its networks are required to take on many different types of users, systems, devices, and paths.
- OT is very specific, or narrowly focused, on what is and is not connected and on which endpoints communicate with other endpoints, and the pathways are very keenly designed. The same goes for applications, internet/remote access, databases, security, and interfaces.
- Changes happen at different rates for different reasons with OT versus IT.
- Remember that in an OT network, the control systems have priority over the computers and networks, whereas in IT the health of the network tends to take priority over the health of individual computers and servers.

Develop a Plan to Merge
- Gather all of your stakeholders and experts.
- Determine your needs as a group by discussing requirements and expectations. IT focuses on security and disaster recovery. OT focuses on operability and uptime.
- Find the medium that works for both systems but also reduces the factors that affect reliability and security. Minimize external connections. Create redundancies to increase reliability.
- Consider using standards that are not obscure to the industry. Standards are updated regularly and information is shared throughout the industry.
- As a matter of security and reliability, carefully assess the available knowledge and experience with the solutions your team has identified. Some proprietary systems may not be well known to hackers, but that may also mean experts are scarce; more prominent systems may be well known in the industry, which also makes them well known to the hacker community.

Remember
- Do not compromise security for convenience!
- Consider regular maintenance windows to perform updates.
- Needing to run 100% of the time is not an excuse for not performing maintenance. Consider building redundant systems.
- Follow industry-proven best practices when you can.
- OT People: IT is here to assist you, most of the time.
- IT People: OT has critical infrastructure that must keep running.
- Know your threats (security, system failure, disaster) and be prepared.

Questions