Bridging the divide between operational and information technology

Issue 1 2022 Industrial (Industry)

Most enterprises know that cyber-attacks in the information security realm are continuously growing in sophistication, severity and number. However, up until now, many organisations that run plants, factories, pipelines and other infrastructure have paid less attention to the threats they face in the realm of operational technology (OT).

Recent global OT-focused cyber-attacks highlight why South African utilities, manufacturers, oil and gas companies and other organisations that run industrial infrastructure would be wise to take note of the growing range of cyber threats faced by their OT systems and infrastructures.

In one example, an intruder breached a water treatment plant in Florida in the US. The attacker briefly increased the quantity of a corrosive chemical called sodium hydroxide in the water from 100 parts per million to 11 100 parts per million before an operator intervened. In another, cybercriminals launched a ransomware attack on the Colonial Pipeline, which disrupted a major supply of fuel to the East Coast of the US for a week.

As these examples show, OT attacks can be even more serious in nature than information security breaches because of the level of economic upheaval, supply chain disruption and human harm they can cause. This has prompted Gartner to warn that, by 2025, attackers may have ‘weaponised’ OT environments to hurt or kill people. Gartner says that threats to OT environments have evolved from process disruption threats like ransomware to a more alarming type of attack: compromising the integrity of industrial systems.

Let’s look more closely at what OT security is, before delving into why OT threats are growing and what organisations can do about them.

Defining OT and OT security

OT is the hardware, software and other technology used to monitor and control physical processes, devices and infrastructure. Examples include the supervisory control and data acquisition (SCADA) systems used to manage processes such as water treatment and distribution, wastewater collection and treatment, oil and gas pipelines and electric power transmission and distribution, or to monitor and control manufacturing processes on a production line.

By the Gartner definition, OT security is 'Practices and technologies used to (a) protect people, assets and information, (b) monitor and/or control physical devices, processes and events and (c) initiate state changes to enterprise OT systems'. There is a maturing toolbox of specialised OT security solutions, including firewalls, security information and event management (SIEM) systems, identity and access management tools and early-stage threat detection and asset identification solutions that companies can implement to enhance their cybersecurity posture.

Yet OT security remains neglected in many organisations because the engineers in the OT environment usually don’t have much background in cybersecurity, while IT teams tend to regard OT as outside their responsibility and core competence. On a technical level, OT uses vendors, technologies, platforms and protocols that are unfamiliar to IT professionals. Plus, OT networks were, in the past, run independently of IT networks and were usually not connected to the Internet.

Misconfigured networks and Internet exposure

Back then, the only way a hacker could access OT systems was to get to a physical terminal that controlled them, or to exploit a misconfigured network that allowed access between the IT and OT environments. However, that all started to change 10 to 15 years ago as more OT systems started to be connected to the Internet, with the goal of gathering data to drive analytics and create new business efficiencies. Along with the benefits of converging IT and OT networks and connecting OT to the Internet, this trend has exposed OT to a growing range of cyberthreats.

Yet even as OT and IT networks converge, the two disciplines tend to run as completely separate functions with little sharing of information. This is somewhat understandable, given how different IT and OT security are in practice: IT cyberattacks are more frequent, OT attacks are more destructive; and IT systems tend to be upgraded and patched more often than OT systems.

In the world of the Fourth Industrial Revolution, it is clear that OT will become more digital in the years to come. Even though there are many differences in the risks, objectives and operating models for OT and IT, there are clear benefits to getting the teams responsible for each into closer alignment. In so doing, the C-suite gets a better sense of the overall risk and threats the business faces and who should be accountable for managing them.

Gartner recommends that enterprises align their standards, policies, tools, processes and staff between IT and the business to the changing OT systems. This is called IT/OT alignment and it is about crafting a strategy that spans the security lifecycle, from the production floor up to the enterprise.

Getting started

Given the lack of visibility that most organisations have into their OT environment, the place to start with a coherent OT strategy is with a risk and vulnerability assessment. There are powerful tools to help enterprises identify assets that could be affected by cyber-risks, so they can prioritise controls and responses. Since most companies lack in-house skills that straddle the divide between IT and OT, they can often benefit from the skills of a systems integration partner that knows both worlds.
