Understanding OT Security

This document provides insights regarding the challenges of securing operational technology (OT) environments against cyber-attacks. It can be considered as a starting point for people and organizations that need to improve the OT security posture and want to avoid common pitfalls.

Most of all, the objective is to provide an understanding of what OT is and why it’s different from IT. A proper understanding of OT and its peculiarities is the minimum requirement for running any successful security improvement project in OT environments.

The document is based on the experience of Lucien Sikkens (Director OT Security at TCS) in securing OT environments in various sectors. It starts with explaining OT and addressing the differences between IT and OT, followed by recommendations for successful OT security improvement programs and some real-life anecdotes illustrating practical cases.