Security Concepts

IT and OT – Siblings of Modern Critical Infrastructure

When “Smart” Becomes Risky: IT and OT in Modern Infrastructure

In today’s industrial landscape, Information Technology (IT) and Operational Technology (OT) are no longer distant cousins—they’ve become siblings in the heart of critical infrastructure. As factories, utilities, and supply chains adopt more IoT and IIoT systems, they gain sophistication and efficiency—but also new vulnerabilities. What happens when a sensor fails, a network glitch occurs, or a malicious actor exploits a weakness in a control system? Incident management teams are now bridging the divide between IT and OT—responding to outages, cybersecurity events, and unplanned downtime in environments where the boundaries are blurred.

How do we build trust, clarity, and shared accountability between operations and IT—and ensure that in our pursuit of automation, we don’t accidentally open the gates to systemic risk?

News and Media

iSMG – govinfosecurity.com on Robust Incident Management for Critical Infrastructure

Ensuring the security of critical infrastructure necessitates managing both legacy systems and emerging cyberthreats. Durgesh Kalya, an OT network security expert at Covestro LLC, emphasized the necessity of integrating the incident command system—initially developed by the Federal Emergency Management Agency and the Department of Homeland Security—with industrial automation systems. This integration promotes active participation and collaboration among industry stakeholders.

“Essentially, everyone is a cybersecurity engineer because they work on computer systems. It’s not possible to update software on hardware that is decades old; modern hardware and equipment are required,” Kalya explained.

In an interview at the Cyber Security for Critical Assets USA Summit, Kalya also addressed the importance of robust incident management frameworks, collaboration between organizations and ICS vendors, and the need for understanding and segmenting systems to mitigate ransomware risks.