Mitigating Cyber Risks in the age of OT / IT Convergence@Enigmedia
In the past, OT and IT networks were originally isolated from each other. OT devices and networks were running proprietary protocols using specific hardware and software and functioned solely in the OT environment, and there were many good reasons for keeping them air-gapped:
- Highly automated manufacturing floor depends on real-time information and response (Data Availability)
- OT systems can’t afford the kinds of delays or downtime that typically occur in an IT network
- OT devices are also, on average, older and more sensitive. Some may remain in place, running the same operating system without updating or patching for decades. Which means that many of these devices are highly vulnerable to older exploits
- Devices are highly vulnerable to older exploits
Introducing digital innovations designed for IT networks into an OT environment enables things like remote monitoring, on-demand manufacturing, just-in-time inventory, and process orchestration, which in turn leads to increased efficiencies, productivity, and profitability. However, critical data and highly sensitive OT resources need to be carefully protected while these two very different networks converge.
IT and OT teams also have entirely different priorities in terms of defining and balancing risk. IT, for example, uses the CIA model – confidentiality, integrity, and availability – to prioritize the protection of data. OT managers turn the CIA model on its head to AIC. Availability of systems and the safety of workers and citizens are the highest priorities of OT. Process integrity runs a close second to safety to ensure that systems perform as expected. And confidentiality, which is the number one priority for IT, comes in as a distant third in favor of safe and continuous OT operations.
Shutting down a manufacturing floor for a system or security upgrade is simply not even on the table. Massive energy turbines, manufacturing furnaces, chemical production, or energy transmission systems can’t tolerate disruption for even a few seconds, as the consequences can be severe – and even life-threatening.
“Integrating IT systems into an OT environment needs to be done carefully. Exposing OT systems to botnets, malware, and other exploits, even if the addition of IT systems means significant improvements in efficiencies and profitability, still runs counter to the primary objectives of any OT leader.”
As industrial systems become more connected, they also become more exposed to vulnerabilities. The high cost of industrial equipment and the devastation to communities and economies that an attack could generate are key factors for organizations looking to protect their industrial networks. Add legacy equipment, safety regulations that may prohibit any modifications being made to equipment and compliance regulations that require sensitive data to be made available to third parties, and you have quite a challenge on your hands. Delays or unplanned downtime cost a business time and money which is one of the reasons why some OT systems are left as they are. However, this means plants around the world may be operating from machines that have limited security controls in place and they are becoming more connected. Here lies the problem.
The good news is that it is possible to secure industrial networks without disrupting operations or risking non-compliance. By using solutions that allow visibility of network control traffic, segmentation of OT networks and protection of remote communications, it is possible to put an effective OT strategy in place that will protect your processes, people and profit and significantly reduce security vulnerabilities and incidents.