Abstract

Digital transformation stems from Industry 4.0 and has introduced innovation across various industries and businesses. Digital transformation requires the integration of Operational Technology (OT) and Information Technology (IT) company departments (Hicking et al. 2021). IT/OT integration results include increased productivity, reduced waste, decreased labour and energy expenditures, and improved maintenance. Traditionally, IT is about data creation, storage, and security within an organization, while OT is about the physical world processes, such as overseeing productivity, personnel, and machinery. With the integration of IT and OT, the boundaries between the two have become blurred.  (Kuppusammy and Mariappan  2021). However, because of this connectivity, the once-isolated systems are now vulnerable to various new threats (Cook et al. 2017). Individuals and industries are adapting to internet connectivity for nearly all devices. Recent forecasts indicate that 70 billion devices will be connected to the Internet by 2025. OT devices and systems utilized in critical infrastructures, such as energy distribution, water management, nuclear facilities, and manufacturing, also embrace this connectivity trend (Alrumaih et al. 2023). An increase in IT/OT integration has led to a rise in cybercrimes in OT systems. Cybersecurity standards are created to assist organisations in meeting cybersecurity goals and preventing cybercrimes (Taherdoost 2022). With the integration of IT and OT, organisations need to protect both IT and OT networks by implementing the correct standards. This paper will highlight the security requirements for IT and OT and the most appropriate standards to use for an IT/OT converged environment.

Keywords: Operational Technology (OT), Information Technology (IT), Purdue Model, Cyber Security, Standards