Governance & Risk Management , IT Risk Management , Operational Technology (OT)
How to Make IT-OT Convergence SmoothExperts from Rockwell Automation Share Their Ideas and Experience
How can enterprises ensure that their IT and OT teams work together on security? Two experts from Rockwell Automation share their thoughts.
"We brought IT, plant engineers, plant managers and security teams together in a room for a week, and we had a workshop. We used the NIST Cybersecurity Framework, which most CISOs know and use for their IT environment, to talk through the IT/OT converged environment. At first, IT and OT were on opposite sides of the table. They were not going to work together.
"But as they started talking, they started to understand each other. We came out of the workshop with a road map that both sides had created together, and we've been executing that road map ever since," says Dawn Cappelli, vice president and CISO at Rockwell Automation.
"In IT, there are usually central functions. In OT, you have plants that are pretty much independent because they're scattered all over the country and oftentimes globally. The life cycle of the OT technologies is 10 to over 20 years and they're highly decentralized," says Dilip Sawhney, managing director - India at Rockwell Automation.
In this video panel interview with Information Security Media Group, Cappelli and Sawhney discuss:
- Why IT and OT convergence has been tough historically;
- Common IT and OT security challenges;
- How IT and OT security teams can work together to have a common security framework;
As vice president and CISO at Rockwell Automation, Cappelli is responsible for developing and executing a holistic cybersecurity strategy to ensure that the company’s infrastructure, products and customers are safe, secure and resilient. She became CISO in 2016, after joining Rockwell in 2013 as director of insider risk to create the company’s insider risk program.
As managing director at Rockwell Automation, Sawhney leads the company's India business - developing the market, creating partnerships and building a team that serves customers across industries all over the country. He has more than 25 years of experience in industrial automation and healthcare technology industry.