Breaking IT/OT Silos With ICS/OT Visibility

As the threat landscape continues to grow across industrial sectors, it is more important than ever that these organizations understand their networks and gain visibility across critical systems. In light of recent developments, including the discovery of the PIPEDREAM modular industrial control system (ICS) attack framework last year,1 companies and utilities in critical infrastructure must mature their security operations to gain insights from both information technology (IT) and operational technology (OT) networks in order to prevent disruption, degradation, and even destruction of industrial environments. In this 2023 ICS/OT Visibility survey, the results provide a glimpse into the relationship between IT and OT security operations and provide key insights, including:

• While SOC capabilities are expanding to include more ICS/OT, there are still significant gaps in OT-specific visibility as well as staffing and education issues across enterprise IT.
• Even in the areas where IT and OT SOC capabilities are merging, the visibility is still incomplete.
• OT security programs are less mature than their IT counterparts, specifically in the areas of identifying, containing, and eradicating threats in their environments and overall incident response.
• Although staffing and lack of education and training were identified as the greatest

challenges for security operations, there are also significant gaps due to legacy technology and limitations in implementing IT capabilities in OT environments. Survey results also indicate that these are the areas that could benefit from more automation (because they require more resources) and where respondents feel IT and OT could complement each other more.

This survey explores how respondents are currently tackling ICS/OT visibility challenges, the gaps across the IT-OT boundary, the roadblocks for expanding visibility, and the maturity comparisons from both domains.