IT and OT: Worlds are colliding

Many businesses are demanding real-time access to operational data, which means industrial systems — once isolated and secure — are becoming increasingly integrated with corporate networks, sometimes on commercial off-the-shelf platforms. This connectivity, brought by the IIoT, can create benefits such as smart analytics, predictive maintenance and remote monitoring. But it also exposes industrial control systems (ICS), process control systems and other operational technology to malware attacks, hacktivism, employee sabotage and other security risks that previously affected only corporate Information Technology (IT).

As the lines blur between IT and Operational Technology (OT), how can you provide appropriate access to control and production data while preventing cyber security events that could cause shutdowns, safety threats and process disruptions?


When it comes to cyber security, KPMG member firm professionals understand the often-competing requirements of the OT and IT domains. With expertise in OT, plus robust capabilities in strategy and governance, security transformation, cyber defense and digital response services, KPMG member firm professionals know how to discuss cyber security in a meaningful language for all parties — from systems engineers to CIOs —and develop solutions on both sides of the fence. That means KPMG professionals understand the complexities of SCADA networks, distributed control systems and process automation — and how the security of operational technology differs from information technology.

With KPMG’s help in creating a balanced strategy, you can go far beyond compliance and technical preparedness, instead turning industrial cyber security into a business enabler.

  • Need remote access to sensors to facilitate predictive maintenance?
  • Want to reduce the cost of your security controls, so you can run processes more efficiently than competitors?
  • Interested in adopting as-a-service technologies for your plant?

KPMG member firms help you adapt to changing business requirements and feel comfortable in a more connected environment — replacing your uncertainty with confidence that you won’t face a cyber attack that you can’t handle.