Tackling the unique security challenges that come with OT/IT convergence

Enterprises are embracing operational technology (OT) and information technology (IT) convergence to take advantage of the apparent benefits: reduced costs, enhanced performance and greater agility. But, with the conceptual gaps between OT and IT still looming, security is proving a monumental challenge for many.

Manufacturing is the industry most targeted by cyber extortion groups, according to the Orange Cyberdefense Security Navigator report 2022. Malware accounted for a third of all incidents. Malware types ranged from the softer varieties, such as adware and unwanted programs, to crypto miners. Manufacturing represents over 23% of cyber extortion listings collected by Orange Cyberdefense for the period January 2020 to October 2021.

Critical infrastructures are also under increased attack. Last year, cybersecurity authorities in the U.S., Australia and the UK observed a large increase in sophisticated ransomware attacks against critical infrastructures globally. Only recently, the Cybersecurity and Infrastructure Security Agency released details of a malware toolkit, dubbed “Pipedream,” designed to hack industrial control equipment and either disrupt it or take control of it.

It isn’t just a one-way street. Network convergence also implies that IT environments can open up risks to OT. While the rise in OT vulnerabilities needs to be carefully monitored, defenses must also be shored up when it comes to vulnerabilities in IT assets. Industries need data on their OT and IT networks to give them actionable intelligence to respond rapidly to cyber threats.

Industries need to urgently step up their attempts to address OT/IT security. Risks include a rapid increase in IoT adoption, an expanding threat landscape, and regulatory pressures as governments look to protect critical infrastructures. OT/IT is, unfortunately, an increasingly lucrative target for both cyber criminals and state-funded malevolent actors.

Despite being on a convergence path, OT and IT still speak very different languages. Security teams must break down silos and find ways of working together to protect industries like power and water, where sophisticated attacks could result in the collapse of critical infrastructures. This has the potential to trigger devastating real-world catastrophes.

This threat is very real. A recent survey showed that over 90% of organizations using operational technology systems had experienced cyber incidents in the past year.

Shockingly, 80% of critical infrastructure organizations don’t adopt zero trust strategies and see average breach costs rise to $5.4 million, $1.17 million more than organizations that do.

Smarter security to protect and defend the user perimeter

Manufacturers and production facilities better connected to their enterprise networks can undoubtedly benefit from greater agility and flexibility. The issue is that more connections mean more points to defend and secure. This creates a new perimeter where the user must be defended and protected.

In a segment that has traditionally been siloed from public networks like the Internet, and in some cases runs old and often unsupported operating systems, there are disasters waiting to happen. It isn’t all doom and gloom, however. Three pillars can mitigate the situation: asset discovery, network segmentation and managed threat detection. In many ways, it is very similar to the steps followed in IT and network security, where the end user is the core, the potential perpetrator and the solution.

OT/IT convergence is the big enabler for Industry 4.0

Successful OT/IT convergence is pivotal to the success of Industry 4.0, providing data flow and process optimization between production, automation and information systems across manufacturing plants and the entire value chain.

Bringing IT and OT together streamlines processes and brings significant efficiencies to businesses. For example, IT may be able to track how long a production process takes, and this data could be used to eliminate bottlenecks in processes.

But there is a significant barrier for enterprises to overcome when securing these systems. This is an even bigger issue when enterprises are using older, legacy hardware that could be several decades old and without security engineered in. As IT becomes a bigger part of the OT/IT scenario, air gaps can no longer provide the level of security required for communication and OT data.

It is vital that when enterprises are planning OT/IT integration, security is central to their strategy and not an afterthought, or they are asking for significant issues further down the line.

Five key points to incorporate when putting together your OT/IT security strategy

1. You cannot protect what you cannot see.
Visibility across the OT/IT estate is critical. To this end, enterprises must build a complete and comprehensive asset inventory.

2. Monitor OT and IT environments to detect and mitigate industrial threats in real time.
This can be achieved by combining and analyzing data from different OT and IT estate resources.

3. People are central to an efficient cybersecurity strategy.
Outline precisely how OT and IT teams should work together. At the same time, ensure you have the skill sets to support OT/IT long term. This will include upskilling and reskilling. Enterprises may also want to consider managed services to overcome the issue of the ongoing skills drought.

4. Although full OT/IT convergence is still a long way off, enterprises should start to embrace processes that support the integration into their operations now and build them into future planning.

5. Have a long-term vision of your business goals and how this can be achieved operationally by converging OT and IT.
Measure these against risk. For example, deploying the wrong security solutions can end up restraining your business ambitions.

Make sure you know what the risks are

Many enterprises are at the very beginning of their OT/IT convergence journey. Now they need to start securing their OT environments with the latest technologies and integrating them into the bigger security framework. This requires careful planning.

Enterprises must work toward a unified OT/IT security strategy that underscores confidentiality, availability, efficiency and performance, looking for continuous improvement.

OT/IT convergence is happening faster than many enterprises realize. Enterprises need to put a combined OT/IT strategy in place now to ensure they don’t make themselves even more vulnerable to cyberattacks.


Frank Baggermans

Frank is Managing Director of Benelux and leads enterprise activities across Belgium, the Netherlands and Luxembourg. He studied commercial economics and marketing in Utrecht and has over 20 years of business and technology leadership experience. Frank is the proud father of two sons and, in his free time, he enjoys being with his family and friends, sailing, playing tennis, golfing and experiencing new sights.