The nature of vulnerabilities for IT systems and SCADA-based operational technology (OT) systems are very different. Protecting these disparate parts of a company’s technology infrastructure is critical, but if done in a non-integrated way it can still leave unexposed vulnerabilities. Protecting against this takes technology, but also organizational change that brings an integrated approach to cyber security. For that, an organization needs to cultivate:
Context – Most vulnerability risk management programs score threats, but the sheer amount of data on these threats is often too much for enterprises to thoroughly consume. And its double when IT and OT systems threats are being analyzed. Enterprises need additional context to make sense of and take action on this data.
Collaboration – Both the IT and OT teams are faced with increased risk from third-party vendors. There is a growing need for these two teams to collaborate, but this can be a challenge due to their differing priorities and operating cultures.
Communication – While technology is an enabler that can provide visibility and threat detection, communication between IT and OT teams is key to successfully evaluating vulnerabilities and protecting the enterprise as a whole.
In this presentation, Juliet Okafor, SVP, Global Security Solutions for Fortress Information Security, will discuss the current state of IT/OT vulnerability risk management programs and how tomorrow’s programs will need context, collaboration and communication to successfully identify and remediate threats. She’ll draw on her experience working with Fortune 500 companies to show how communication, enabled by technology, is the answer to a successful relationship between the two teams.