Browse Definitions :
information technology (IT) technological convergence

operational technology (OT)

What is operational technology?

Operational technology (OT) is a category of hardware and software that monitors and controls how physical devices perform.

In the past, OT was used primarily in industrial control systems for manufacturing, transportation and utilities -- and unlike information technology (IT), the technology that controlled operations in those industries wasn't networked. Many of the tools for monitoring or adjusting physical devices were mechanical, and those that had digital controls used closed, proprietary protocols.

However, as physical devices are becoming smart, there is an increasing trend toward IT/OT convergence. Wireless connectivity has provided administrators in charge of OT with better monitoring systems and the ability to control physical devices remotely. Advances in machine-to-machine communication and machine learning have created a sea change, enabling the data that physical devices produce to be analyzed in real time to facilitate autonomy, preventive maintenance and improved uptime.

Internet-capable technology has moved into industrial control systems and supervisory control and data acquisitions networks. However, operations technology faces the same malware, identity management and access control security challenges that IT faces. The difference is that vulnerabilities in an OT system can leave critical infrastructure at risk of sabotage that can result in life or death situations.

What is the importance of operational technology?

OT is critical for businesses and society at large. At the organizational level, OT is usually tied to core business processes. In a factory, OT is often the very thing that enables goods to be manufactured. Likewise, hospitals depend on OT devices to diagnose patients who are suffering from various illnesses. For a business or other organization that relies on OT, a service outage would severely impair or even halt the organization's core business activities.

On a broader level, society depends on OT to keep critical infrastructure functioning. In May 2021, a ransomware attack caused the Colonial Pipeline to be shut down. The pipeline, which could, itself, be considered an OT, transports 2.5 million barrels of fuel each day and the shutdown resulted in a major East Coast fuel shortage. This is just one example of how critical some operational technologies can be.

What are examples of OT systems?

It's easy to think of OT systems as being closely associated with industrial equipment and, indeed, OT systems are heavily used on factory floors. However, OT systems aren't solely limited to industrial processes. An OT system can be any special purpose, computerized equipment.

Although industrial robotics are considered OT systems, so are certain medical devices such as MRI machines or other types of radiology equipment. ATMs are also considered OT systems, as are traffic lights. These are all complex, special purpose digital systems that aren't part of traditional IT infrastructure. Likewise, various safety systems fall into the category of OT systems, as do the robots that are increasingly used in retail for stocking shelves or mopping floors.

OT acquisition examples
Many traditional IT shops are acquiring operational technology-focused companies to remain competitive.

Operational technology challenges

As organizations work to converge IT and OT systems, they must be aware of the inherent challenges of doing so. Many of these challenges stem from the very nature of the OT systems being used. Although some OT systems are modern and complex, it's also common -- particularly, in an industrial setting -- for OT equipment to be several decades old. When you consider such a device's age and its proprietary design, it can be extraordinarily difficult and costly to connect the device to modern IT systems.

Another challenge associated with converging IT and OT systems is that doing so can introduce cybersecurity risks. This is especially true for legacy OT systems. Such systems were likely never intended to be connected to an organization's IT systems. It was likely assumed that such systems would operate in an isolated environment and, therefore, didn't need protection against cybersecurity threats.

Instead, the design process likely focused on making the device as reliable as possible, rather than addressing myriad security threats. This means connecting such systems to traditional IT infrastructure can make them vulnerable to attack, because an attacker now has a direct communications path through which to access the device. Organizations looking to converge their IT/OT infrastructure must put security at the forefront.

Another challenge is addressing any knowledge gaps. OT engineers are unlikely to be experts in IT. Similarly, few IT pros have a strong working knowledge of OT systems.

Finally, OT devices might not fit neatly into an organization's normal IT protocols. Patch management, for example, is often regarded as a critical IT task. However, patches for OT devices might be released on an infrequent basis or even not at all.

Even if an OT device manufacturer releases a patch, there will likely be some pushback over installing the patch. At best, installing the patch will cause a service interruption while the device is taken offline and rebooted, which affects the organization's revenue. At worst, the patch can introduce problems into a device that was previously reliable, again, adversely affecting the organization's bottom line.

OT vs. IT: What are the differences?

IT has traditionally focused on compute, networking and storage resources. These resources can include servers, storage arrays and network switches in the data center or the cloud but can also include desktop computers, smart phones and supporting hardware. Additionally, enterprise IT is also responsible for managing software at the infrastructure level and application level. This means deploying and maintaining OSes and security and monitoring tools, as well as the applications users rely on to do their jobs.

Conversely, OT focuses on the machines associated with physical processes. These processes can be anything from the manufacturing of goods to medical imaging. Like IT, these processes revolve around the use of digital systems. However, these systems tend to be proprietary in nature and don't generally fall into the scope of traditional IT assets.

IT/OT convergence

IT/OT convergence involves linking operational technologies to traditional IT systems. Bringing these systems together can make it easier for an organization to meet its compliance mandates, while also breaking down data silos. However, there can also be other, more compelling benefits.

IT/OT convergence steps
To integrate IT and OT, management must update existing processes and cross-train employees.

Linking IT systems to OT devices helps to bring intelligence to various business processes. In a factory setting, a converged IT/OT system can analyze the entire manufacturing process to spot inefficiencies. Detecting and eliminating these inefficiencies can, ultimately, help make the business more profitable.

Likewise, IT systems can monitor OT equipment use to see when the devices will need maintenance based on their use. This can prevent machines from breaking down, which also helps save the business money.

This was last updated in August 2021

Continue Reading About operational technology (OT)

  • network security

    Network security encompasses all the steps taken to protect the integrity of a computer network and the data within it.

  • cloud-native network function (CNF)

    A cloud-native network function (CNF) is a service that performs network duties in software, as opposed to purpose-built hardware.

  • Wi-Fi 6E

    Wi-Fi 6E is one variant of the 802.11ax standard.

  • incident response

    Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also ...

  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology invented in the 1950s that's used to verify the legitimacy or ...

  • What is cybersecurity?

    Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.

  • privacy compliance

    Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or ...

  • contingent workforce

    A contingent workforce is a labor pool whose members are hired by an organization on an on-demand basis.

  • product development (new product development -- NPD)

    Product development, also called new product management, is a series of steps that includes the conceptualization, design, ...

  • talent acquisition

    Talent acquisition is the strategic process employers use to analyze their long-term talent needs in the context of business ...

  • employee retention

    Employee retention is the organizational goal of keeping productive and talented workers and reducing turnover by fostering a ...

  • hybrid work model

    A hybrid work model is a workforce structure that includes employees who work remotely and those who work on site, in a company's...

  • digital marketing

    Digital marketing is a general term for any effort by a company to connect with customers through electronic technology.

  • hockey stick growth

    Hockey stick growth is a growth pattern in a line chart that shows a sudden and extremely rapid growth after a long period of ...

  • Salesforce Trailhead

    Salesforce Trailhead is a series of online tutorials that coach beginner and intermediate developers who need to learn how to ...