Gartner Blog Network

Securing Operational Technology and the Internet of Things

by Earl Perkins  |  January 10, 2014  |  1 Comment

Welcome to my first blog post in my new role within the Gartner security analyst team. I am starting a series of posts on two relatively new areas of Gartner security coverage.

The first will comment on security and risk management issues and concerns with the industrial control and automation infrastructure found in many enterprises, especially those involving critical infrastructure such as utilities, oil and gas firms, manufacturing, transportation, and others. Gartner refers to this infrastructure as “operational technology” (OT) to distinguish it from traditional IT infrastructure. Gartner refers to OT as hardware and software that detect or cause a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise. Technologies such as SCADA, process control networking and distributed control systems are examples of OT. Media coverage regarding OT has grown in frequency as vulnerabilities are discovered and threats to OT systems and networks increase in frequency and sophistication.

The second will comment on security and risk management issues and concerns for what the markets now call the “Internet of Things”, or IoT. As many of you already know, The IoT is the network of physical objects that contains embedded technology to communicate and sense or interact with the objects’ internal state or the external environment. It ranges across myriad industries and examples, from devices to monitor health and exercise to smart watches to traffic flow sensors to intelligent smoke alarms to— well, you get the idea. The IoT is currently one of the most interesting concepts for innovators and entrepreneurs, and design ideas and product proposals are ricocheting across the market faster than professional ice hockey players. While not all of the IoT demands enterprise-class security, there are enough concerns about privacy and misuse of data or device to merit consideration.

Gartner has already published research in OT and the IoT, and some security research has also been published on these fields as well. But the growth and position of these technologies for enterprise users and consumers demand more, and research in 2014 will focus on areas such as embedded systems security, securing smart cities, and business continuity/disaster recovery concerns in a world of OT and the IoT. We welcome your comments as we tackle some of the major security issues of the day for OT and the IoT here in this blog. Let’s get the discussion started.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: applications  cloud  ea  iam  internet-of-things  operational-technology  security  strategic-planning  

Earl Perkins
Research VP
5 years at Gartner
32 years IT industry

Earl Perkins is a research vice president in the Security and Privacy team at Gartner. His focus areas include identity and access management (IAM), including user provisioning, role life cycle management… Read Full Bio

Thoughts on Securing Operational Technology and the Internet of Things

  1. Earl Perkins says:

    My apologies for the “Comments Off” setting. I have reviewed the entry and it has “Allow Comments” set, so go figure. We’ll see if adding this one will open it up, should you decide to comment.

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.