Information technology (IT) generally refers to systems that save, process and communicate information, serving as the technology that supports business processes. Meanwhile operational technology (OT) represents the systems that control and monitor production equipment and devices, serving as the technology that directly supports the operation of plants and factories. Because of these differences, OT systems require real-time performance and high availability, and generally once they are installed, they are used for long periods and are difficult to modify. In recent years OT environments have also become digitized and seen the advance of IoT technologies, exposing them to an increased risk as the targets of cyber attacks. Once an OT system is attacked, it can lead to production line stoppages, reduced product quality, and depending on the severity, cause serious accidents that imperil people's lives. That is why strengthening OT security is a challenge of the highest priority for the manufacturing industry.
Security challenges in OT environments are wide-ranging. First, since OT systems are designed to operate for extended periods, they often use older technologies and software, which can lead to vulnerabilities. In addition, since many OT systems operate on closed networks that are generally not connected to the Internet, their defenses against outside attacks can be inadequate.
And as IT and OT become increasingly integrated, there are growing risks of attacks on OT systems via IT systems. For example, there are examples of malware infections that have entered via IT systems spreading to OT systems, along with a growing risk of unauthorized operation utilizing remote access. To face off against these challenges, security measures designed to combine IT and OT are needed.
Measures to beef up OT security include the following. We adopted OT security guidelines in the fiscal year ended March 2024 and plan to steadily phase in measures going forward.