Every day, the boundary between Information Technology (IT) and Operational Technology (OT) is dissolving, and these solutions are adopting Internet protocols to interact, integrating with the Industrial Internet of Things (IIoT).
It is practically the final stage of a technological convergence in which various programming languages and multiple incompatible and proprietary platforms of traditional brands in the market are being replaced by models that are universal, adaptive and flexible to allow for the automation and robotization of industrial processes to be more economical and extendable to any production system.
According to McKinsey’s article The Convergence of IT and OT Powers Up the Scalability of Business Operations, some of the more specific challenges for convergence include:
• The need for manual translations between business and operational layers, often through spreadsheets
• Data that is not collected or that is fragmented in silos within IT and OT layers
• The lack of an integrated management execution system or multiple systems without interconnection
• Control and supervision layers without adequate interconnection, sensors or analytics, with minimal integration in adjacent process steps
Thus, the complexity of industrialization can be relieved by integration with ERP, CRM and other systems. McKinsey also points out several challenges and notes that “as digital capabilities become more strategic and more complex alternative solutions become less and less viable, more companies are getting serious about eliminating these silos and converging the IT/OT operating model.”
According to the article, “doing so promises to accelerate ongoing use cases, democratize access to data and technology across the value chain, launch new use cases that leverage native cloud capabilities and improve frontline decision-making through using data from both IT and OT systems.”
Karina Cáseres, CIO, Danone for the Southern Cone region
At Danone, we work on the convergence between IT and OT in three areas: Awareness, technical aspects and focus on security. Regarding awareness, we focus on education, conveying the importance of teamwork. IT works with the OT areas, understanding this convergence and its advantages.
In the past, operational areas used to develop projects without basic IT fundamentals, for example, by hiring external suppliers. Currently, there is a bridge built with OT and thanks to the process of understanding, we can capitalize on the best of both areas (IT/OT) by adding key aspects such as security, cost and error reduction, workflow improvement and standardization.
The second axis is related to the technical part, such as network segregation or the installation of specific devices. Then, we highlight the importance of working independently but in a coordinated manner. IT leads and focuses on data and connectivity, while OT focuses on controlling existing physical devices.
Last but not least, our third axis is security. Cybersecurity is fundamental in IT and helps to maintain secure confidential data, ensuring that users connect to the Internet safely and preventing possible cyberattacks.
Cybersecurity is also vital for OT systems to protect critical infrastructure. In this aspect, IT is an indispensable consultant, part of the evaluations, validating architecture and protocols. This convergence benefits project quality and the sustainability of implemented solutions.
Currently, the IT team is a reference. Through IT, we support and try to provide tools to the OT teams to have better conversations with suppliers when resolving different situations to advance their projects more efficiently and safely.
As mentioned, the OT teams have a more physical and concrete vision, while the IT teams have one that involves processes and seeks to leverage all data. When IT begins to work with OT teams, providing a broader view, we are more open to detecting more opportunities for integration. For example, if we place a device at the end of the line, we can anticipate that it will allow us to track the production statement.
Michael Bernstein, CTO, Clicksign
CIOs and CTOs are constantly working to leverage the convergence between IT and OT in our industry in various ways, such as implementing disruptive technologies like Artificial Intelligence (AI), the Internet of Things (IoT) and automation to improve efficiency and decision-making.
Additionally, we are working with other companies and organizations to develop strategic partnerships. These partnerships may involve exchanging knowledge and technology, sharing resources and collaborating on projects.
The focus is on customer experience and developing solutions that enhance the user experience. It includes implementing data analytics technologies to understand the needs better and provide personalized solutions. Data management also becomes essential for gaining deeper insights and making informed decisions. It comprises implementing advanced data analytics tools and adopting effective data management strategies.
At Clicksign, we work to leverage the convergence between IT and OT for the electronic signature by adopting cloud-based technologies that offer greater flexibility and scalability, ensuring that data is always protected and user privacy is maintained.
Security is also a critical concern for us. So, in this sense, investing in advanced security technologies such as two-factor authentication and end-to-end encryption is crucial to ensure that user information is safe and distant from any threat. We use APIs to integrate electronic signature systems with enterprise systems such as Customer Relationship Management (CRM) and document management.
We look forward to creating integrated and innovative solutions that improve efficiency and user experience and help their organizations stand out in an increasingly competitive environment.
Roberto Hashioka, CTO, Nextron Energia
The convergence of IT and OT offers significant opportunities for innovation and increased efficiency, such as system integration, emerging technologies and the development of new business models. System integration, such as energy management, Supervisory Control and Data Acquisition (SCDA) systems and data analytics solutions, along with the exploration of technologies such as the Internet of Things (IoT), Artificial Intelligence (AI), Machine Learning (ML) and Blockchain, has the potential to enhance existing processes significantly.
However, IT and OT integration also brings significant challenges to information security. One of the main problems is the increased attack surface and cybersecurity risks.
For example, hacking into power plant systems and smart meters can result in vulnerabilities that hackers can exploit. It can lead to power supply interruptions and compromise consumers’ privacy.
We must adopt a proactive approach to managing cybersecurity risks to address these challenges effectively. It involves developing and implementing solid information security policies and procedures to ensure the integrity, availability and confidentiality of critical data and systems.
Additionally, it is essential to regularly conduct risk assessments to identify and prioritize areas that require substantial protection and attention.
The mitigation measures include data encryption, which ensures the confidentiality of information by making it unintelligible to unauthorized persons. On the other hand, two-factor authentication enhances security by requiring users to provide two types of credentials to access a system, such as a password and a code sent to their mobile phone.
Network segmentation is another crucial security measure as it separates critical networks from less critical ones, making it more difficult for intruders to access and move within the systems.
In summary, the convergence of IT and OT brings significant opportunities for innovation and efficiency but also presents challenges in information security.
To address these challenges, it is essential to take a proactive approach to risk management, develop robust security policies and procedures, perform risk assessments, and implement mitigation measures such as data encryption, two-factor authentication and network segmentation.
Click below to share this article