惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
V
V2EX
V
Visual Studio Blog
博客园_首页
Last Week in AI
Last Week in AI
Apple Machine Learning Research
Apple Machine Learning Research
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
S
SegmentFault 最新的问题
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Martin Fowler
Martin Fowler
Recent Announcements
Recent Announcements
J
Java Code Geeks
月光博客
月光博客
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
F
Fortinet All Blogs
P
Privacy & Cybersecurity Law Blog
C
CERT Recently Published Vulnerability Notes
C
CXSECURITY Database RSS Feed - CXSecurity.com
B
Blog RSS Feed
S
Schneier on Security
酷 壳 – CoolShell
酷 壳 – CoolShell
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
W
WeLiveSecurity
A
Arctic Wolf
U
Unit 42
博客园 - 司徒正美
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
有赞技术团队
有赞技术团队
Recorded Future
Recorded Future
Engineering at Meta
Engineering at Meta
Google DeepMind News
Google DeepMind News
大猫的无限游戏
大猫的无限游戏
Microsoft Security Blog
Microsoft Security Blog
Hacker News: Ask HN
Hacker News: Ask HN
量子位
B
Blog
T
The Exploit Database - CXSecurity.com
C
Cisco Blogs
博客园 - 三生石上(FineUI控件)
H
Help Net Security
博客园 - 叶小钗
C
Cyber Attacks, Cyber Crime and Cyber Security
L
LINUX DO - 热门话题
Hugging Face - Blog
Hugging Face - Blog
Google DeepMind News
Google DeepMind News
小众软件
小众软件
雷峰网
雷峰网
TaoSecurity Blog
TaoSecurity Blog
Schneier on Security
Schneier on Security

Enterprise – Silicon Republic

Transport for London hackers jailed for five and a half years Commission refers Ireland to CJEU for failing to enact cyber rules Cloudflare to block AI crawlers from ad-supported webpages by default Google ordered to pay Klarna nearly $2bn in abuse-of-power row Upcoming iPhone 18 model leaked in Tata Electronics hack Data breaches going unreported – Irish compliance survey Cybersecurity warning for Irish businesses ahead of EU Presidency Dublin's TensorX to partner with Solstice on sovereign European AI Irish Internet Hotline named Trusted Flagger under EU Digital Services Act Don't panic, prepare: A cyber expert's advice on the Mythos hype Day-to-day cyber incidents driving loss for SMEs, finds report Anthropic to reassess Claude Fable 5 AI development restrictions after backlash Anthropic rolls out ‘Mythos-like’ AI model Claude Fable 5 EMEA firms underestimating 'routine risks', finds cyber report More than 20,000 Instagram accounts hacked using Meta AI bug Report: Irish firms cut cybersecurity spend despite rising risks TCS launches sovereign cloud offering in Europe ECB urging action on AI from lenders’ IT departments Hackers access GitHub, download codebase in Grafana Labs breach Europe's public sector deploying AI faster than it can manage – report UK watchdog probes Microsoft over interoperability issues Foxconn confirms cyberattack on North American facilities Clear gap between AI expectations and preparedness, finds report Canvas parent settles with hacker group that stole user data ShinyHunters demands ransom after Canvas hack EU agrees to simpler AI rules and complete ‘nudification’ ban Opinion: Why ISO 27001 alone won't save your data from itself Report: Medical device cyberattacks on the rise AI race intensifies with Google's new agent management platform Anthropic probing reported Mythos leak on Discord Nearly 75pc of AI’s economic value captured by just 20pc of companies Anthropic’s Mythos to bolster cybersecurity at UK banks The death of ETL: Is zero-copy a ‘liberation’ for data teams? After Anthropic, OpenAI launches cyber-specific AI model The Interview: Dentons' Carlo Salizzo on three forces defining digital law Anthropic's Mythos a game-changer, NCSC chief tells Oireachtas Mythos just first of power models to come: Anthropic co-founder New XP95 hacker group targets Dublin recruitment platform Healthdaq OpenAI apps for MacOS exposed by threat Mythos testing begins as governments raise cyber concerns Anthropic's Glasswing project employs Mythos to prevent AI cyberattacks Is your data integrity framework just a fancy spreadsheet? Ireland begins digital wallet testing and consultation How is Australia working to make data centres more sustainable? China's DeepSeek suffers rare outage lasting several hours ShinyHunters claims responsibility for European Commission breach Security first: Why cybersecurity needs to adapt in the age of AI iOS hacking tool 'DarkSword' leaked on GitHub China’s Alibaba could launch Qwen for enterprise this week Stryker's Cork site hit by global cyberattack Office.eu and the hope for a digitally sovereign Europe How fully homomorphic encryption is reshaping secure AI Major phishing operation disrupted in joint Europol action Hacking tool with possible US origins targets outdated iPhones Pure Storage, now Everpure, to acquire 1touch Hacker used commercial AI to breach 600 firewalls: AWS Why cloud strategies are pivoting from reaction to precision ‘Complexity is where cyber risk tends to grow’ ‘In cyber, bridging the gap between the server room and boardroom is crucial’ AWS expanding in Belgium, Netherlands and Portugal, amid sovereign cloud launch
What’s the difference between IT and OT security?
silicon · 2026-05-06 · via Enterprise – Silicon Republic

Integrity360’s Matthew Olney explains the ins and outs of IT and OT security, and the importance of having both secured.

From manufacturing lines and water utilities to transport hubs and energy plants, operational technology (OT) is a prime target for cybercriminals and nation-state actors.

As the lines between information technology (IT) and OT blur, understanding the difference between them and securing both effectively has never been more critical.

IT v OT security

IT security is the practice of protecting an organisation’s IT assets, including computers, networks, and data, from unauthorised access, attacks and other malicious activity. It involves using a combination of technologies, processes and physical controls to ensure the confidentiality, integrity and availability of information. A key objective is to prevent threats like data breaches, malware and phishing.

OT security, on the other hand, protects the physical systems that keep operations running – machinery, control systems and critical infrastructure. Here, priorities shift: availability and safety come first, because downtime doesn’t just cost money; it can halt production or endanger lives.

Many industrial organisations still treat IT and OT as distinct domains – one governed by corporate IT teams, the other by engineering departments.

Historically, this separation made sense when OT systems operated in isolation. But that’s no longer the case.

Today, nearly 40pc of OT assets are connected to the internet without adequate security, and by 2025, 70pc of OT systems are expected to be integrated with IT networks.

With 72pc of industrial cybersecurity incidents originating in the IT environment before infiltrating OT systems, a unified, cross-functional approach to securing both realms is growing in importance.

Attackers exploit weak segmentation, unsecured remote access, and legacy systems that were never designed with cybersecurity in mind. Once inside, they can halt production, damage equipment, or even threaten human life or cause environmental damage.

The unique challenges of OT environments:

Legacy technology

Many systems run on outdated or unsupported software, sometimes decades old, that can’t easily be patched without interrupting operations.

Proprietary protocols

OT devices use vendor-specific communication methods not recognised by standard IT tools.

Availability over confidentiality

Shutting down a process for security reasons may be more damaging than the attack itself.

Human and safety impact

A compromised industrial controller could affect worker safety or public services.

Limited visibility

Without asset inventories or monitoring, intrusions can go unnoticed for months.

Common weaknesses found in OT networks

Integrity360’s experts regularly uncover recurring issues across industrial environments, including:

  • Poor network segmentation, allowing attackers to move from IT to OT.
  • Unpatched systems and default configurations left unchanged.
  • Weak or insecure remote access used by vendors and contractors.
  • Lack of asset inventory or real-time monitoring.
  • No endpoint protection against malware propagation.

These weaknesses make OT environments particularly attractive to threat actors seeking maximum disruption.

When operations depend on continuous uptime, a single breach can lead to production loss, safety risks, reputational damage and regulatory penalties.

By Matthew Olney

Olney is a cybersecurity content and communications specialist with extensive experience translating complex security topics into clear, engaging content for technical and executive audiences. As content marketing and social media lead at Integrity360, he works closely with Integrity360 experts to develop thought leadership, technical blogs, webinars and multi-channel campaigns that help organisations understand and respond to emerging cyberthreats.

A version of this article previously appeared on Integrity360’s website.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.