Frequently Asked Questions

Complex cybersecurity questions and challenges to comprehensive solutions by Sectrio

Group 1362 - sectrio

Title mark blue 2 - sectrio    What is IoT cybersecurity?

Security or protection for IoT or the Internet of Things from the threat of cyber vulnerabilities and cyberattacks is defined as IoT Security. IoT security starts from the blueprint stage and extends on to every aspect of IoT operations covering data in motion and data at rest.

Title mark blue 2 - sectrio    What is OT cybersecurity?

Security or protection to Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Programmable Logic Controllers (PLCs), Distributed Control Systems (DCS), Industrial IoT (IIoT), Remote Processing Units (RPU), Industrial Robots and Human Machine Interface (HMI) from the threat of a cyberattack, vulnerability, or rouge activities that may cause harm or operational downtime to people, assets and information is called as OT cybersecurity.

Or

Security or protection to operational equipment and control systems that operate such equipment from the threat of a cyberattack, vulnerability, or rouge activities that may cause harm or operational downtime to people, assets and information is called as OT cybersecurity

Title mark blue 2 - sectrio    What is the difference between IT and OT?

IT refers to Information technology that primarily deals with all aspects of information or data ranging from the confidentiality, Integrity to its Availability (The CIA triad) while OT refers to Operational Technology i.e., operational equipment and control systems that operate such equipment dealing with the availability of the assets, access to the control systems, integrity of the assets and control systems and the security aspects of OT.

Title mark blue 2 - sectrio    What is IT-OT Convergence?

The connectivity of OT via internet to an IT network to leverage the data collected by physical equipment to identify challenges and areas for improvement in efficiency of the overall processes is known as IT-OT convergence.

Title mark blue 2 - sectrio    What is an ideal security posture?

An ideal security posture incorporates the following elements:

  • The level of threat protection is aligned to the threat environment
  • Threat surfaces are all accounted for and secured
  • Employees are aware of and are following security best practices
  • Security teams are working with a high level of operational visibility into networks
  • All devices have been inventoried with information on patch and vulnerability status as well
  • IT-OT-IoT security governance policy has been formulated and published
  • The business is in continual compliance with at least 2 major standards (NIST CSF, IEC 62443, ISO, regional standards on data security etc.)

The security team is receiving enough support from other teams

Title mark blue 2 - sectrioWhat are the common security challenges caused by the IT-OT Convergence?

Connectivity of OT to IT network via the internet brings exposure to previously known air gapped OT equipment and creates a wide range of security challenges. Common security challenges include: 1. Lack of visibility into connected network. 2. Ransomware 3. Access/privilege management 4. Undiscovered attack surfaces 5. Actors with malicious intent.

Title mark blue 2 - sectrio    What can such security challenges lead to?

  • Loss of data
  • Loss of asset availability with extended downtimes
  • The business may not be able to live up to its commitments
  • Hackers may release the stolen data or user credentials on the web leading to secondary attacks

What is IoT cybersecurity?

Security or protection for IoT or the Internet of Things from the threat of cyber vulnerabilities and cyberattacks is defined as IoT Security. IoT security starts from the blueprint stage and extends on to every aspect of IoT operations covering data in motion and data at rest.

What is OT cybersecurity?

Security or protection to Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Programmable Logic Controllers (PLCs), Distributed Control Systems (DCS), Industrial IoT (IIoT), Remote Processing Units (RPU), Industrial Robots and Human Machine Interface (HMI) from the threat of a cyberattack, vulnerability, or rouge activities that may cause harm or operational downtime to people, assets and information is called as OT cybersecurity.

Or

Security or protection to operational equipment and control systems that operate such equipment from the threat of a cyberattack, vulnerability, or rouge activities that may cause harm or operational downtime to people, assets and information is called as OT cybersecurity

What is the difference between IT and OT?

IT refers to Information technology that primarily deals with all aspects of information or data ranging from the confidentiality, Integrity to its Availability (The CIA triad) while OT refers to Operational Technology i.e., operational equipment and control systems that operate such equipment dealing with the availability of the assets, access to the control systems, integrity of the assets and control systems and the security aspects of OT.

What is IT-OT Convergence?

The connectivity of OT via internet to an IT network to leverage the data collected by physical equipment to identify challenges and areas for improvement in efficiency of the overall processes is known as IT-OT convergence.

What is an ideal security posture?

An ideal security posture incorporates the following elements:

  • The level of threat protection is aligned to the threat environment
  • Threat surfaces are all accounted for and secured
  • Employees are aware of and are following security best practices
  • Security teams are working with a high level of operational visibility into networks
  • All devices have been inventoried with information on patch and vulnerability status as well
  • IT-OT-IoT security governance policy has been formulated and published
  • The business is in continual compliance with at least 2 major standards (NIST CSF, IEC 62443, ISO, regional standards on data security etc.)

The security team is receiving enough support from other teams

What are the common security challenges caused by the IT-OT Convergence?

Connectivity of OT to IT network via the internet brings exposure to previously known air gapped OT equipment and creates a wide range of security challenges. Common security challenges include: 1. Lack of visibility into connected network. 2. Ransomware 3. Access/privilege management 4. Undiscovered attack surfaces 5. Actors with malicious intent.

What can such security challenges lead to?

  • Loss of data
  • Loss of asset availability with extended downtimes
  • The business may not be able to live up to its commitments
  • Hackers may release the stolen data or user credentials on the web leading to secondary attacks