• About
  • Subscribe
  • Contact
Wednesday, May 7, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Technology Infrastructure & Platforms Cloud, Virtualization, Operating Environments and Middleware

PodChats for FutureCIO: Securing the enterprise post IT-OT convergence

Allan Tan by Allan Tan
February 8, 2021
PodChats for FutureCIO: Securing the enterprise post IT-OT convergence

PodChats for FutureCIO: Securing the enterprise post IT-OT convergence

In a blogpost titled The Strategy, Value and Risk of IT/OT Convergence, Kristian Steenstrup, distinguished VP analyst with Gartner, cited a special report, IT and Operational Technology Alignment, which focused on the strategy of integrating IT business systems with the operational technologies that are used to manage and automate equipment in a heavy industrial environment.

Steenstrup wrote that with IT and OT alignment, CIOs have a great opportunity to better enable decisions that optimize business processes and performance.

What he didn’t mention, however, is that as part of the alignment, the CIO will need to also figure out the security implications of such an alignment or as some call it today – a convergence.

Ten years on, as enterprises continue to push the envelope of digital transformation, they also embracing the Internet of Things or IoT. Many IoT devices are built from standalone technologies that tend to fragment processes and information across the enterprise value chain.

IT-OT convergence

Today CIOs are revisiting the IT-OT convergence IoT continues to get immersed into the enterprise fabric, and in the process reveal its potential to impact the security of the enterprise.

Geoff Mattson was the ceo of MistNet prior to its acquisition by LogRhythm. In his new role as senior vice president of product at LogRhythm, he acknowledges that OT has, mostly, been left out of the security consideration.

“As more OT is being brought into more IT environments, it is being linked to more IT infrastructure –becoming a more desirable part of the attack surface."

He goes on to explain that there are specific attacks that are designed to jump from IT into OT environments, or to go from OT into IT environments.

“That is why it is important to have network detection and response as part of your security arsenal. Because OT devices generally do not have the type of server-based monitoring agents that can be installed in them to protect you from threats,” he continued.

“The only way to secure OT is to look at what they're doing on the network, look for things that are unusual, and look for things that are threatening.”

“The good news is that in OT environments, they tend to have very regular patterns. Using a solution like MistNet, where we are able to identify things that are unusual, is very effective. In OT environments if something is unusual and if it is not a cyber threat, then it is often a maintenance problem. It is something you are going to want to know about in any case,” he concluded. 

Options for the CIO

What may well be the highlight of the PodChat is how the CIO should look at the OT-IT infrastructure.

Mattson says the work from home shift following the COVID-19 pandemic coupled with the greater use of digitised technologies and cloud, and the increased attack surface brought about with IoT, should give CIOs pause, evaluate their current solutions and consider what they need to do to supplement their arsenal.

“What they need to do is simplify their operations, make it easier for their teams to deal with threats. One way to do that is to use technologies that can provide broad coverage, using the same methodology, using a single screen over IT, OT and cloud,” he suggested.

Getting the most bang for your buck, or what security people call, getting the best vantage point from monitoring is important. He opined that this may well be why network-based detection response is having a renaissance, accelerating its growth in the industry.

“It provides a fast way for you to see a lot of what's going on in your enterprise, across a broad swath of your environment with a unified view, and with the ability to detect threats as they move across an environment as they try to migrate from one part of your environment to another.

“We think that looking at network monitoring is a good idea. Network monitoring that uses AI to simplify the job and simplify the responsibilities of your internal response team, because I have not met a security team and operational teams recently who said, you know, they just do not have enough work to do and they are bored and could have some more alerts to deal with."

“You need something that is sophisticated enough to be able to recognise threats for them, gather information for them, help them do their job, empower them to do their job, across a broad swath of your enterprise,” Mattson recommended.

Click on the PodChat player to listen to the full dialogue on IT-OT convergence.

  1. In 30-seconds what is LogRhythm?
  2. LogRhythm acquired MistNet, to advance what it calls its entry into the extended detection and response marketplace (or XDR). What is XDR, why do we need it, and is it meant to replace any existing threat detection system?
  3. How does the XDR solution or platform actually work?
  4. LogRhythm currently markets a solution it calls LogRhythm NextGen SIEM platform. Where will MistNet or CyberMist, the platform's name for the original product of MistNet, sit in this portfolio?
  5. Is the AI used in CyberMist already trained in almost all scenarios? Is there a training period to pick up the technology?
  6. How is CyberMist deployed? Does this installation introduce any latency in the way the network operates?
  7. Where do you see missing CyberMist being applied in a commercial or production environment?
  8. Cloud operators – Amazon AWS, Azure, Alibaba, IBM – have proprietary ways of operating. How do you bring CyberMist in there? Does it create any confusion, the amount of data you're collecting?
  9. One of the challenges we often hear is the integration of IT and OT. What are your thoughts on the prospects of providing a secure, integrated IT or OT environment?
  10. What's your recommendation for the CIO, as he tries to envision this integrated, secure OT-IT infrastructure? And how does he or she evaluate the value proposition of CyberMist in this environment?
Related:  PodChats for FutureCISO: Clamping down on TOADS
Tags: attack vectorcybersecurityIoTIoT securityIT-OT convergenceLogRhythmMistnetPodchats
Allan Tan

Allan Tan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events. Previous Roles He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe