1
Operational Technology VS Information Technology
Wednesday, August 9, 2017
Terrell Brown, IT Supervisor
Greensboro Water Resources Department
2
What is OT & IT?
OT (Operational Technology)
- Includes SCADA, DCS, PCS, etc. (supervisory control and data acquisition, distributed control systems, process control systems)
- Generally covered by ICS (Industrial Control Systems)
IT (Information Technology)
- IP Networks (Internet Protocol)
- Active Directory and other credentialing systems
- Switches, routers, bridges, servers, workstations
3
A Brief History
- Operational technology systems and information technology systems were traditionally separated.
- OT networks are administered by electronics technicians, electricians, maintenance staff, and other industrial control professionals.
- IT networks are administered by network administrators and other computer professionals.
- This is still very much the case, but many of these systems are integrating and bringing IT staff and OT staff closer together.
4
Operational Technology
Consists of:
- Sensors, gauges, meters, pumps, valves, alarms, etc.
- Controllers (PLCs, RTUs)
- Human Machine Interfaces (HMI)
- Servers
- Networks (various protocols)
- Database and reporting systems
5
Information Technology
Consists of:
- IP-based networks (LAN/WAN)
- Workstations, servers
- Switches, routers, etc.
- Databases
- Reporting systems
- Wireless connectivity
- Software development
- Maintenance of hardware and software
- Security (antivirus, logging, threat monitoring and analysis)
6
Where They Overlap
Consists of:
- Networks (IP most common)
- Computers (workstations/servers)
- Switches, routers, etc.
- Databases
- Reporting systems
- Wireless connectivity
- Software development
- Maintenance of hardware and software
- Security (antivirus, logging, threat monitoring and analysis)
7
World Wide Web of Danger
- As more and more ICS users integrate new technology, such as IP cameras, workstations, computers and other equipment that use or require an IP-based network, the vulnerabilities increase dramatically.
- Some ICS networks have a requirement to push data over a corporate network in order to assist in higher level reporting, maintenance, or monitoring. In some cases, remote control is being implemented, particularly over corporate networks and the internet.
- These trends require the use of appropriate network switches, routers, and firewalls to “make up” for the loss of ICS air gaps.
8
Air Gaps Gain Bridges
- Air gaps are becoming increasingly troublesome as demand for data and control across multi-facility networks increases.
- With the advent of routing/switching/firewall technology, as well as dedicated wireless machine-to-machine networks, comes greater access to ICS networks, which is great for productivity and bad for security.
- What used to require physical access to a facility may now be possible from anywhere in the world. If there is a network connection, then there is no longer an air gap protecting your ICS network.
9
Data, Applications, and Administration
- Another area of concern as industrial control systems become more integrated into IT is support for computers, servers, databases and even custom application development.
- There is a need for the IT group to consult the OT group in order to help provide resources.
- This is not merely a collision of “old school” vs “new school” but a difference of purpose-built networks vs multipurpose networks.
- The two different cultures of technology that evolved in parallel now need to interact with each other.
- Typically the IT side dominates the design and infrastructure because that is what most OT systems now operate on for reasons of cost, support, and familiarity.
10
We All Need Help From Time to Time
- Network Engineers and Administrators: Help design, set up, protect, and maintain the networks that all of your devices will use. They would maintain Active Directory or similar user/device management systems, storage area networks, server administration, etc.
- Database Administrators: Set up, maintain, and protect the database systems that collect your control system data, and develop or assist in developing reports and data views for other applications. Examples would include Microsoft SQL Server, Oracle, MySQL, etc.
- Application/Software Developers: Create custom software for workstation, server, web, or mobile use. This can be control, analysis, data entry, or monitoring software.
- Cyber Security Experts: Charged with securing the network, analyzing security vulnerabilities, and establishing a threat assessment that should provide a roadmap for securing your network from being compromised, from outside or inside.
- Helpdesk and Computer Technicians: Assist in specifying computers, setting up computer equipment, and providing appropriate technical support for issues.
- ICS Subject Matter Experts already working on the IT side: An ICS expert who works in IT can greatly assist in bridging the language and trust gap between OT and IT.
11
Consider Your Differences
- Realize that IT is non-deterministic, as its networks are required to take on many different types of users, systems, devices, and paths.
- OT is very specific, or narrowly focused, on what is and is not connected and on which endpoints communicate with which other endpoints, and the pathways are very keenly designed.
- The same goes for applications, internet/remote access, databases, security, and interfaces.
- Changes happen at different rates for different reasons with OT versus IT.
- Remember that in an OT network, the control systems have priority over the computers and networks, whereas in IT the health of the network tends to take priority over the health of individual computers and servers.
12
Develop a Plan to Merge
- Gather all of your stakeholders and experts.
- Determine your needs as a group by discussing requirements and expectations. IT focuses on security and disaster recovery. OT focuses on operability and uptime.
- Find the medium that works for both systems but also reduces factors on reliability and security.
- Minimize external connections.
- Create redundancies to increase reliability.
- Consider using standards that are not obscure to the industry. Standards are updated regularly and information is shared throughout the industry.
- As a matter of security and reliability, carefully assess the available knowledge and experience with the solutions your team has identified. Some proprietary systems may not be well known to hackers, but that may also mean experts are sparse; more prominent systems may be well known in the industry, which also makes them well known to the hacker community.
13
Remember
- Do not compromise security for convenience!
- Consider regular maintenance windows to perform updates.
- Needing to run 100% of the time is not an excuse for not performing maintenance. Consider building redundant systems.
- Follow industry-proven best practices when you can.
- OT People: IT is here to assist you, most of the time.
- IT People: OT has critical infrastructure that must keep running.
- Know your threats (security, system failure, disaster) and be prepared.
14
Questions