Bridging the divide between operational and information technology

Issue 1 2022 Industrial (Industry)

Most enterprises know that cyber-attacks in the information security realm are continuously growing in sophistication, severity and number. However, up until now, many organisations that run plants, factories, pipelines and other infrastructure have paid less attention to the threats they face in the realm of operational technology (OT).

Recent global OT-focused cyber-attacks highlight why South African utilities, manufacturers, oil and gas companies and other organisations that run industrial infrastructure would be wise to take note of the growing range of cyber threats faced by their OT systems and infrastructures.

In one example, an intruder breached a water treatment plant in Florida in the US. The attacker briefly increased the quantity of a corrosive chemical called sodium hydroxide in the water from 100 parts per million to 11 100 parts per million before an operator intervened. In another, cybercriminals launched a ransomware attack on the Colonial Pipeline, which disrupted a major supply of fuel to the East Coast of the US for a week.

As these examples show, OT attacks can be even more serious in nature than information security breaches because of the level of economic upheaval, supply chain disruption and human harm they can cause. This has prompted Gartner to warn that attackers may have ‘weaponised’ OT environments to hurt or kill people by 2025. Gartner says that threats to OT environments have evolved from process disruption threats like ransomware to a more alarming type of attack: compromising the integrity of industrial systems.

Let’s look closer at what OT security is, before delving into why OT threats are growing and what organisations can do about it.

Defining OT and OT security

OT is the hardware, software and other technology used to monitor and control physical processes, devices and infrastructure. Examples include the supervisory control and data acquisition (SCADA) systems used to manage processes such as water treatment and distribution, wastewater collection and treatment, oil and gas pipelines and electric power transmission and distribution, or to monitor and control manufacturing processes on a production line.

By the Gartner definition, OT security is 'Practices and technologies used to (a) protect people, assets and information, (b) monitor and/or control physical devices, processes and events and (c) initiate state changes to enterprise OT systems'. There is a maturing toolbox of specialised OT security solutions, including firewalls, security information and event management (SIEM) systems, identity access and management tools and early-stage threat detection and asset identification solutions that companies can implement to enhance their cybersecurity posture.

Yet OT security remains neglected in many organisations because the engineers in the OT environment usually don’t have much background in cybersecurity, while IT teams tend to regard OT as outside their responsibility and core competence. On a technical level, OT uses vendors, technologies, platforms and protocols that are unfamiliar to IT professionals. Plus, OT networks were, in the past, run independently of IT networks and were usually not connected to the Internet.

Misconfigured networks and Internet exposure

The only way a hacker could access OT systems was if they could get to a physical terminal that controlled them or if a misconfigured network allowed access between the IT and OT environments. However, that all started to change 10 to 15 years ago as more OT systems started to be connected to the Internet, with the goal of gathering data to drive analytics and create new business efficiencies. Along with the benefits of converging IT and OT networks and connecting OT to the Internet, this trend has exposed OT to a growing range of cyberthreats.

Yet even as OT and IT networks converge, the two disciplines tend to run as completely separate functions with little sharing of information. This is somewhat understandable, given how different IT and OT security are in practice: IT cyberattacks are more frequent, OT attacks are more destructive; and IT systems tend to be upgraded and patched more often than OT systems.

In the world of the Fourth Industrial Revolution, it is clear that OT will become more digital in the years to come. Even though there are many differences in the risks, objectives and operating models for OT and IT, there are clear benefits to getting the teams responsible for each into closer alignment. In so doing, the C-suite gets a better sense of the overall risk and threats the business faces and who should be accountable for managing them.

Gartner recommends that enterprises align their standards, policies, tools, processes and staff between the IT and the business to the changing OT systems. This is called IT/OT alignment and it is about crafting a strategy that spans the security lifecycle, from the production floor up to the enterprise.

Getting started

Given the lack of visibility that most organisations have into their OT environment, the place to start with a coherent OT strategy is with a risk and vulnerability assessment. There are powerful tools to help enterprises identify assets that could be affected by cyber-risks, so they can prioritise controls and responses. Since most companies lack in-house skills that straddle the divide between IT and OT, they can often benefit from the skills of a systems integration partner that knows both worlds.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

210 million industrial endpoints secured by 2028
News & Events Information Security Industrial (Industry)
A new study by Juniper Research has found that there will be growth of 107% over the next five years in the number of industrial endpoints featuring cybersecurity protection.

Growing cyber threats to SA’s critical infrastructure
News & Events Information Security Industrial (Industry)
The increasing reliance on digital infrastructure makes critical sectors like utilities more susceptible to cyber threats. This concern has been highlighted by Kaspersky's recent discovery of a new SystemBC variant that has targeted a South African nation's critical infrastructure.

Smart manufacturing redefined
Hikvision South Africa Surveillance Industrial (Industry)
AI and intuitive visualisation technology allows managers to monitor manufacturing sites, production, and operational processes, and to respond in real time in the event of an issue – helping to drive efficiency and productivity.

CHI selects NEC XON as trusted cybersecurity partner
News & Events Information Security Industrial (Industry)
CHI Limited, Nigeria's leading market player in fruit juices and dairy products, has engaged in a strategic cybersecurity partnership with NEC XON, a pan-African ICT systems integrator.

Edge technology can transform manufacturing in South Africa
Axis Communications SA Surveillance Integrated Solutions Industrial (Industry)
Aligning South African manufacturing more closely with this global shift to edge technologies could take manufacturing in the country to a new level, says Axis Communications’ Rudie Opperman.

Edge AI and managing risk in the cloud
Industrial (Industry) Infrastructure
As organisations see greater volumes of data generated from their operations. It is understandable and imperative that this data is leveraged to generate more value and increase insight that help operations and asset integrity managers ‘do more, better’.

Supporting local manufacturing
Industrial (Industry) Infrastructure
Smart Security asked Esenthren Govender, Solutions Executive at Technodyn for insight into how the company supports local manufacturing organisations to optimise their business.

New algorithm for OT cybersecurity risk management
Industrial (Industry) Information Security News & Events Commercial (Industry)
OTORIO’s new risk management model and attack graph analysis algorithm technology, calculates OT cybersecurity threats and provides risk mitigation actions, prioritised according to actual exposure and potential impact on operations.

The role of AI in industrial plants
Industrial (Industry)
The average modern industrial plant uses less than 27% of the data it generates, but industrial AI can play a major role in identifying patterns and making process predictions through new software platforms that simplify convergence and analysis of OT/IT/ET data.

Addressing the SCADA in the room
Industrial (Industry) Information Security IoT & Automation
Few other sectors command the breadth of purpose-built and custom devices necessary to function, as the industrial and manufacturing industries. These unique devices create an uncommon risk that must be assessed and understood to fully protect against incoming attacks.