Who is responsible for OT security standards?

Security & GRC

Engineering15%

IT57%

Joint IT (driver) with Engineering20%

Joint Engineering (driver) with IT6%

792 PARTICIPANTS
5.5k viewscircle icon3 Upvotescircle icon2 Comments
Sort by:
CIO in Energy and Utilities2 years ago

It is a joint effort between Operation Function and IT in our case.

Information Security Managing Consultant in Services (non-Government)6 years ago

Pending on the size and scale of the organization this should be a joint/combined effort. For separation of duties (audit and compliance) more than one group should always have insight and responsibility for oversight regardless the size and scale of the operation(s).

Content you might like

Which cybersecurity metrics do you currently use with your board?

Read More Comments

Does someone have advice on how they have balanced the risk/reward as it relates to introducing Open-Source Software to organization? My org is dipping its toe into the OSS world and the architecture and risk governance teams are looking to get ahead of these requests by coming up with policies and standards for OSS technology being brought into our environment. To clarify, this is not for software development and CI/CD pipelines, SDLC etc. This is for installing solutions that already exist out there (Zabbix, GreyLog, Prometheus etc.) into the organization's environment. We are looking to provide a balance on the obvious risk with the ability to move fast (like everyone else now).

What are the biggest technical challenges preventing organizations from being able to use their existing data to enable digital transformation?

Finding data and putting it to good use13%

Controlling the security and privacy of data45%

Understanding how data is currently being used20%

All of the above19%

None of the above1%

View Results

We are considering a scanning solution for detecting Personal Information (PI) in our data assets, mainly AWS S3, DynamoDB, Salesforce, etc. We need the solution to detect PI, identify the type (e.g., infotype), and optionally map it to our own PI categories. We are currently considering BigID. Do you have experience with this tool or any other tools that can help us scan across different data platforms and technologies?

Read More Comments

Has cryptocurrency helped to facilitate the ransomware market?

Yes80%

No15%

Unsure4%

View Results
Who is responsible for OT security standards? | Gartner Peer Community