Updated: Jul 10, 2020
Operational Technology is a relatively new term but not a new concept. The use of the word Operational Technology OT for short is used to distinguish between Information Technology (IT) and has been more relevant since the advent of IoT. With IT vs OT we can define operational technology cyber security needs among other things.
Let me provide you with a couple definitions from other sources and then I'll give you a different way to look at it more simply.
Definition 1 - Wikipedia
"Operational Technology (OT) – the hardware and software dedicated to detecting or causing changes in physical processes through direct monitoring and/or control of physical devices such as valves, pumps, etc.
Simply put, OT is the use of computers to monitor or alter the physical state of a system, such as the control system for a power station or the control network for a rail system"
Definition 2 - Whatis
"Operational technology (OT) is a category of hardware and software that monitors and controls how physical devices perform."
Definition 3 - Gartner Glossary
"Operational technology (OT) is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events."
In Other Words
Operational Technology OT is the "IT stuff" for industrial computer systems.
So now the question is, why do we need this distinction at all then?
Traditionally within the industrial world they would still refer to the computer and networking equipment as "I.T." and is typically run, maintained and operated by systems/maintenance engineers or technicians.
But this type of IT is different to what most people mean by IT, particularly in the Business world. Now this common term becomes a problem because when you apply IT solutions to Industrial IT systems - you break the systems!
Okay, so now we know there is a difference between Industrial IT systems and IT systems, and we have a name for it "Operational Technology", how do we know they are different?
When and where do we draw the line?
Well here's some key differences that I've found to be the easiest to explain it.
IT and OT have common technology, but different goals.
For example here's my IT/OT Car Analogy.
There's a racing car and city car. Both have common technology - wheels, seats, windshield, engine, etc but both have different goals, one for racing and one for city driving.
Because the goals have changed therefore the problems you solve are different and so the design changes.
The definition of what is considered good or bad completely changes.
A racing car doesn't care for creature comforts, cup holders. They sacrifice luxuries for the reduction in weight. Whilst a city car doesn't need something that can drink fuel quickly and get them to max speed since likely they will stop more often, be in the car longer and probably want a music player.
Now back to IT vs OT.
IT cares most about Information (lo and behold, it's in the name) whilst OT cares about the process and the operation of that process (wow, also in the name). What does this mean?
An IT system will prioritize protecting data over most things. If a system needs to be restarted so it gets its updates and has less risk of losing data, then so be it.
An OT system will prioritize running the process over most things. If data is lost or not saved or not logged or backed up, sure, as long as the system does not stop running.
And in this nutshell we see where some issues can arise. Now, the above example isn't the only way the differences in goals manifest but it's a good segue into the cyber security needs.
One of the best ways to improve your cyber security is to regularly update your systems. A staggering amount of mass hacks occurs when there was already a patch available for the vulnerability. In fact, the average amount of time a patch has been available for with such cases is 100 days.
But as we said earlier, in order to patch a system, you may need to stop the system and in an OT environment stopping the system is the number one thing you don't want to do.
In basically all cases you have a direct significant negative impact on the production for the business.
A detailed breakdown of IT vs OT in terms of Cyber Security will help you understand these goals and we created a nice table to assist in visualizing this.
Operational technology is a term that you will hear more often in the engineering world and has a very clear distinction to information technology. Watch this space as the industry evolves and we deal with IT/OT convergence and the Internet of Things IoT.
I'll cover IT/OT convergence and IoT in another post as well as ways you can practically improve your Cyber Security in an OT environment.