BEYOND CONVERGENCE: The IT/OT Continuum and how Functions-Based Leadership can Enhance OT Cybersecurity

In recent years, many publications have been written about IT/OT “convergence”– the integration of Information Technology (IT), the hardware and software that processes data, with Operational Technology (OT), the systems that control industrial operations. In short, this convergence involves connecting IT networks with previously isolated OT systems in order to drive organizational efficiencies.

Unfortunately, many organizations are experiencing a persistent tug ofwar between their Chief Information Security Officers (CISOs) and Operations Leads over who should direct IT/OT cybersecurity efforts. This tension not only prevents the full realization of benefits that true convergence could bring, it also increases the likelihood that critical risks will be left unaddressed. A shift from the term “IT/OTconvergence” to “IT/OT continuum” – where cybersecurity responsibility is determined by the protected function of concern – would help overcome these challenges.