Bridging The Cybersecurity Gap Of IT/OT Convergence

AI Impact on Society/artificial intelligence

Saryu Nayyar | »

For years, industries from manufacturing to utilities to healthcare have been talking up the benefits of convergence between information technology (IT) systems and operational technology (OT) systems. But one serious consideration often throws a wrench in the plans: cybersecurity for the converged environment.

It’s an immense need fraught with many obstacles — from incompatible technologies to organizational disconnects — but there are ways to bridge the gaps to get the benefits from IT/OT convergence.

IT systems pertain to daily business operations, such as the creation, dissemination and storage of business information, documents and records. OT systems monitor and control the physical functions of processes in manufacturing and industrial environments, for example, monitoring the flow of fluids through a conduit or releasing pressure through a valve.

For decades there was no interface or communication between the IT and OT environments, but that is changing as companies recognize the benefits of collecting and analyzing data from the OT side and using it to improve business operations.

The Internet of Things (IoT) is the bridge between the IT and the OT worlds. Data passed from OT sensors and gateways into IT databases and analytical tools help business analysts discover and understand insights about the industrial side of the business. These insights can help drive improvements and efficiencies in overall operations. For example, integrated IT and OT environments can provide the data needed to support workers with the knowledge management needed for better decision making.

The IoT and IT/OT convergence have become so critically important that they are at the crux of the fourth industrial revolution, known as Industry 4.0.

Security is a critical concern for convergence.

As these two environments are connected through networks and IoT devices, security is a critical concern. According to Skybox Security, new vulnerabilities in OT devices were up nearly 46% in the first half of 2021 compared to the first half of 2020. These vulnerabilities pose a growing threat to critical infrastructure and other vital systems. If these cyber issues can now be triggered through malicious communications coming from the IT side of the business, operations and safety can be seriously disrupted.

There are myriad challenges to fully securing the OT environment. Most cybersecurity solutions today are geared toward IT, which is distinctly different from OT. They use different and incompatible operating systems, protocols, processes and products.

While IT security professionals are accustomed to regularly updating software and patching vulnerabilities soon after a fix is released, these processes aren’t practical — or sometimes even possible — for operational technology. Some industrial machines run for years without being taken offline because uninterrupted uptime is valued over all else. If a patch for a vulnerability is even available, the application of the patch might languish for months before it can be scheduled. In truth, many industrial machines were never designed with security in mind, as it wasn’t needed in the operational silo the machine used to live in. It was “security by obscurity.”

The security challenges are organizational as much as they are technological. In the IT world, the management of networks and devices is usually centralized and standardized. In the OT side of the house, industrial equipment is typically managed and maintained by the equipment manufacturer, often through remote access. Given that a shop floor can have numerous types of equipment, all being maintained by separate OEMs, there is no centralization or standardization.

In addition, the stakeholders of these two environments are completely unfamiliar with how the other team operates, making it hard to collaborate.

IoT bridges the gap between IT and OT.

The deployment of IoT devices is helping to bridge the IT/OT gap for security and other purposes. OT sensors can collect data about what’s happening within their own realm, but these devices aren’t able to perform any analysis or even communicate that information over a network. IoT devices, however, can collect data from the OT devices, analyze it locally, and communicate to the IT side over a standard network. IoT devices also can communicate commands to the physical devices, meaning they can control operations in the industrial environment.

One example of how IoT can improve OT security is to continuously monitor the equipment for anomalous behavior. Let’s say there is an IoT gateway connected to a series of Programmable Logic Controllers (PLCs) in a production plant. The PLCs can monitor and record run-time data such as machine productivity or operating temperature, automatically start and stop processes and more. They routinely communicate data to the gateway, which, in turn, conveys it to a Security Information and Event Management (SIEM) platform on the IT network. The SIEM’s monitoring and analysis tools can help to identify and protect against unauthorized changes and other anomalies in the OT environment that could signal an attack in full progress or in its initial stages.

Security must be a priority during convergence.

Successful IT/OT convergence is a long game but proponents say the benefits are worthwhile. Companies must ensure that security is a top priority and not simply an afterthought.

On the technology side, take a risk-based vulnerability management approach. Understand the types of threats that pose risk in the OT environment. Research and select the security devices, tools and platforms that are best able to monitor, detect and respond to these threats. Maintain device-level visibility but aim for centralized management and standardized technologies as much as possible.

On the organizational side, structure the organization such that IT and OT departments work together to operate and manage the newly merged technology. Cross-train workers for better understanding of how both environments work. Focus on eliminating vulnerabilities to reduce risk.

IT/OT convergence and Industry 4.0 are the future. Just be sure it’s a secure future.

About Author
Saryu Nayyar
Saryu Nayyar, CEO, Gurucul

Saryu Nayyar is CEO of Gurucul, a provider of behavioral security analytics technology and a recognized expert in cyber risk management.

Read Full Bio

Cybersecurity Gap Of IT/OT

Cybersecurity Gap Of IT/OT
External Link: Is It Time For A U.S. Version Of GDPR?

Share this page:

Related Posts