“OT networks have been unmanaged, from a security and risk perspective, for many years. They are flat, with a mix of OT protocols, unidentified assets, legacy systems and devices with unsecure communications”
2018 Strategic Roadmap for Integrated IT and OT Security
Saniye Burcu Alaybeyi
Visibility is gained in a phased, less to more, approach.
Automatics passive discovery and profiling of every asset that is connect to the OT / IT network.
Extend passive info to include mission criticality and business logic.
With a complete picture of all assets and their mission criticality organizations can define what controls should be established.