OT Cyber Security Audit Workshop

OT focuses on data processing, while IT is responsible for physical process control.

OT manages physical processes like HVAC and lighting, whereas IT focuses on data processing and network management.

• OT integrates digital, computational systems in data centers, whereas IT manages remote access to building environments.

OT uses isolated networks for critical data management, while IT manages automation of physical assets

To centralize IT and OT teams under a single control structure for unified governance.

• To align OT practices with corporate, security, and compliance goals while ensuring operational efficiency and safety.

To develop separate compliance policies for OT and IT to avoid security overlap

To ensure OT systems prioritize data privacy over physical safety in building operations

• Conducting periodic physical walkthroughs to document changes in asset configurations.

Relying solely on automated inventory management systems for real-time data

• Implementing a hybrid approach combining passive, active, and manual methods for comprehensive asset discovery.

• Using network segmentation to isolate and inventory only high-risk assets.

Ensuring regular IT audits cover all OT risks, given the similar threat profiles of both systems.

Applying a continuous improvement model to adjust security controls according to emerging threats and operational updates

Focusing solely on physical access controls to secure OT environments against cyber threats

Prioritizing compliance with only one primary cybersecurity standard, such as ISO 27001

Centralizing all security controls to apply a unified protocol across all vendor technologies

Limited supply chain dependencies, reducing the complexity of managing OT assets

Ensuring standardized security compliance across diverse vendor technologies and systems.

Increasing visibility through vendor-specific, proprietary tools that integrate seamlessly

• Prioritizing data confidentiality over system availability and safety.

Emphasizing a layered security approach that includes both physical and cybersecurity measures.

Using centralized IT controls without modifications for OT needs.

Limiting access controls to external systems only, reducing in-building restrictions

Rebooting affected OT systems promptly to restore functionality

Ensuring OT incident response plans align with general IT response protocols.

Isolating compromised OT components without disrupting core physical processes

Implementing continuous updates during incidents to strengthen security

To ensure that OT and IT systems are fully integrated without security exceptions

To verify compliance with OT cybersecurity policies and identify security gaps across building systems

To implement real-time security controls in response to immediate OT threats

To establish centralized control over all OT assets, reducing on-site autonomy