"Divide Between IT and OT Teams Stops Businesses Having a Unified Security Strategy"
According to a report released by Dragos and the Ponemon Institute, over 63 percent of organizations have faced an ICS/OT cybersecurity incident in the past two years, but only 21 percent of organizations have a mature ICS/OT cybersecurity program in which emerging threats prompt priority actions, and C-level executives are regularly informed about the security of their OT. In addition, only 43 percent of organizations have cybersecurity policies and procedures aligned with their ICS and OT security objectives. Just 39 percent have IT and OT teams working together to achieve a mature security posture across both environments, while only 35 percent have a unified security strategy in place to secure those environments despite the need for different controls and priorities. Steve Applegate, the chief information security officer at Dragos, pointed out that most organizations lack the IT/OT governance framework needed to push the development of a unified security strategy due to the shortage of OT-specific cybersecurity expertise. This article continues to discuss key findings from the report and the cultural divide between IT and OT teams preventing organizations from having a unified strategy to protect both environments.