Welcome to my first blog post in my new role within the Gartner security analyst team. I am starting a series of posts on two relatively new areas of Gartner security coverage.
The first will comment on security and risk management issues and concerns with the industrial control and automation infrastructure found in many enterprises, especially those involving critical infrastructure such as utilities, oil and gas firms, manufacturing, transportation, and others. Gartner refers to this infrastructure as “operational technology” (OT) to distinguish it from traditional IT infrastructure. Gartner refers to OT as hardware and software that detect or cause a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise. Technologies such as SCADA, process control networking and distributed control systems are examples of OT. Media coverage regarding OT has grown in frequency as vulnerabilities are discovered and threats to OT systems and networks increase in frequency and sophistication.
The second will comment on security and risk management issues and concerns for what the markets now call the “Internet of Things”, or IoT. As many of you already know, The IoT is the network of physical objects that contains embedded technology to communicate and sense or interact with the objects’ internal state or the external environment. It ranges across myriad industries and examples, from devices to monitor health and exercise to smart watches to traffic flow sensors to intelligent smoke alarms to— well, you get the idea. The IoT is currently one of the most interesting concepts for innovators and entrepreneurs, and design ideas and product proposals are ricocheting across the market faster than professional ice hockey players. While not all of the IoT demands enterprise-class security, there are enough concerns about privacy and misuse of data or device to merit consideration.
Gartner has already published research in OT and the IoT, and some security research has also been published on these fields as well. But the growth and position of these technologies for enterprise users and consumers demand more, and research in 2014 will focus on areas such as embedded systems security, securing smart cities, and business continuity/disaster recovery concerns in a world of OT and the IoT. We welcome your comments as we tackle some of the major security issues of the day for OT and the IoT here in this blog. Let’s get the discussion started.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.