Bridging the divide between operational and information technology

Issue 1 2022 Industrial (Industry)

Most enterprises know that cyber-attacks in the information security realm are continuously growing in sophistication, severity and number. However, up until now, many organisations that run plants, factories, pipelines and other infrastructure have paid less attention to the threats they face in the realm of operational technology (OT).

Recent global OT-focused cyber-attacks highlight why South African utilities, manufacturers, oil and gas companies and other organisations that run industrial infrastructure would be wise to take note of the growing range of cyber threats faced by their OT systems and infrastructures.

In one example, an intruder breached a water treatment plant in Florida in the US. The attacker briefly increased the quantity of a corrosive chemical called sodium hydroxide in the water from 100 parts per million to 11 100 parts per million before an operator intervened. In another, cybercriminals launched a ransomware attack on the Colonial Pipeline, which disrupted a major supply of fuel to the East Coast of the US for a week.

As these examples show, OT attacks can be even more serious in nature than information security breaches because of the level of economic upheaval, supply chain disruption and human harm they can cause. This has prompted Gartner to warn that, by 2025, attackers may have ‘weaponised’ OT environments to hurt or kill people. Gartner says that threats to OT environments have evolved from process disruption threats like ransomware to a more alarming type of attack: compromising the integrity of industrial systems.

Let’s look more closely at what OT security is, before delving into why OT threats are growing and what organisations can do about them.

Defining OT and OT security

OT is the hardware, software and other technology used to monitor and control physical processes, devices and infrastructure. Examples include the supervisory control and data acquisition (SCADA) systems used to manage processes such as water treatment and distribution, wastewater collection and treatment, oil and gas pipelines and electric power transmission and distribution, or to monitor and control manufacturing processes on a production line.

By the Gartner definition, OT security is 'Practices and technologies used to (a) protect people, assets and information, (b) monitor and/or control physical devices, processes and events and (c) initiate state changes to enterprise OT systems'. There is a maturing toolbox of specialised OT security solutions, including firewalls, security information and event management (SIEM) systems, identity and access management tools and early-stage threat detection and asset identification solutions that companies can implement to enhance their cybersecurity posture.

Yet OT security remains neglected in many organisations because the engineers in the OT environment usually don’t have much background in cybersecurity, while IT teams tend to regard OT as outside their responsibility and core competence. On a technical level, OT uses vendors, technologies, platforms and protocols that are unfamiliar to IT professionals. Plus, OT networks were, in the past, run independently of IT networks and were usually not connected to the Internet.

Misconfigured networks and Internet exposure

Historically, the only way a hacker could access OT systems was if they could get to a physical terminal that controlled them or if a misconfigured network allowed access between the IT and OT environments. However, that all started to change 10 to 15 years ago as more OT systems started to be connected to the Internet, with the goal of gathering data to drive analytics and create new business efficiencies. Along with the benefits of converging IT and OT networks and connecting OT to the Internet, this trend has exposed OT to a growing range of cyberthreats.

Yet even as OT and IT networks converge, the two disciplines tend to run as completely separate functions with little sharing of information. This is somewhat understandable, given how different IT and OT security are in practice: IT cyberattacks are more frequent, OT attacks are more destructive; and IT systems tend to be upgraded and patched more often than OT systems.

In the world of the Fourth Industrial Revolution, it is clear that OT will become more digital in the years to come. Even though there are many differences in the risks, objectives and operating models for OT and IT, there are clear benefits to getting the teams responsible for each into closer alignment. In so doing, the C-suite gets a better sense of the overall risk and threats the business faces and who should be accountable for managing them.

Gartner recommends that enterprises align their standards, policies, tools, processes and staff between IT and the business to the changing OT systems. This is called IT/OT alignment and it is about crafting a strategy that spans the security lifecycle, from the production floor up to the enterprise.

Getting started

Given the lack of visibility that most organisations have into their OT environment, the place to start with a coherent OT strategy is with a risk and vulnerability assessment. There are powerful tools to help enterprises identify assets that could be affected by cyber-risks, so they can prioritise controls and responses. Since most companies lack in-house skills that straddle the divide between IT and OT, they can often benefit from the skills of a systems integration partner that knows both worlds.

For more information go to
