IT and OT networks are increasingly converging and, while there are numerous benefits to this, there are also new security challenges to consider. Rick Peters, CISO for Operational Technology, North America at Fortinet, highlights how organisations can create strategies that will enable to them to achieve OT security.
Through the convergence of IT and Operational Technology (OT) environments, organisations can achieve greater efficiency and effectiveness in monitoring critical processes. It also enables organisations to effectively leverage data from a range of sources, including medical devices, industrial applications/robotics and connected sensors – collectively known as the Industrial Internet of Things (IIoT) – to improve OT efficiency and safety, reduce costs and increase employee productivity.
At the same time, however, this convergence can expose new risks that, if left unattended, can leave networks vulnerable. Absent an effective OT security plan, enterprises and their integrated ICS/SCADA systems are left defenceless in the face of cyberattacks that could result in reputational damage, financial loss and/or diminished customer confidence. On a more severe scale, these types of cyberattacks can also threaten the safety of citizens and – in the case of critical infrastructure – national security.
New threats impacting ICS/SCADA systems
Citizens around the world naturally depend on the OT vertical sector services – including manufacturing, energy, utilities and transportation infrastructures – provisioned daily. It is therefore critical to safeguard the integrated ICS/SCADA systems within an OT enterprise. As Digital Transformation sweeps across these sectors as a means to boost efficiency, new cybersecurity concerns have surfaced as once air-gapped systems become exposed to new cyber-risks and a much broader attack surface.
Furthermore, considering the age, sensitivity and complexities of many OT environments, it is increasingly difficult for organisations to protect their high-value cyberphysical assets. It is all of these factors that triggered Fortinet and Forrester to survey industry leaders who manage and maintain OT infrastructure with the goal of highlighting emerging security trends and practices impacting operations.
This survey uncovered three important findings:
1. Breaches are common in the OT sector
Among survey participants, only 10% reported that they had never experienced a data breach. Conversely, 58% of organisations reported having experienced this type of threat in the past 12 months; thus, more than 75% expect regulatory pressure to increase over the next two years. By simply expanding the period of consideration to 24 months, we discover OT system breach rates rising to 80%, demonstrating just how much interest there is for cybercriminals to target OT systems.
Considering the high number of OT breaches, it makes sense that 78% of organisations surveyed plan to increase their ICS/SCADA security budgets this year to more effectively combat these threats.
2. IT and OT networks continue to converge
OT systems historically depended on software and hardware not connected to the Internet, meaning there was a natural reliance on the safety of an ‘air gap’ between external and internal systems. With the shift toward IT-OT convergence and the pursuit toward operational efficiency, connectivity and exposure to more traditional IT threats have increased. With this proportional expansion of the attack surface, cybercriminals can readily gain access to systems that were once isolated.
When surveyed, almost all respondents (96%) expect to face challenges as they move toward convergence, resulting in greater attention devoted to security concerns. When it comes to OT security, more than one-third of survey respondents noted that they are worried about the following issues:
- The potential for connected smart devices to cause breaches
- Third parties lack the security expertise required to help with converged technology and the Internet of Things (IoT)
- Lack of expertise by internal security teams to secure this converged technology and IoT
- Staying on top of the latest security tactics and protocols
- An inability to isolate or contain resources when a breach occurs
- The chance of sensitive or confidential data to be compromised
- Greater regulatory pressures surrounding ISC/SCADA systems
Regulation compliance, in particular, is a common concern. In fact, seven in 10 survey respondents report that they have experienced mounting compliance pressures over the past year, and 78% expect this trend to continue for the next two years. For surveyed organisations, the regulations making the most significant impact are International Society (ISA) Standards, the EU Data Protection Directive (GDPR) and the Federal Information Security Management Act (FISMA).
3. Business partners often add more risk
For as much as they afford benefits, business partners can also create an additional dimension of risk for OT enterprises. Although granting essential privileged access to key designated personnel is critical, minimising control access is equally important. This is reinforced by the fact that organisations most successful at securing their environments were also 129% more likely to severely limit or even deny access to partners.
The most successful organisations were found to grant only moderate access to their systems. These same organisations were 45% more likely to carry out critical security functions in-house rather as opposed to outsourcing this responsibility. Interestingly enough, they were more likely to have outsourced tasks related to network analysis and visibility.
While partner relationships are important and sometimes even essential, corporate enterprise leaders must insist on a prudent approach to granting access, outsourcing decisions and identifying situationally ready partners. As Digital Transformation continues to influence this business sector, executing well-defined and strict adoption of best cybersecurity practices will be vital to securing OT systems.
What does it take to achieve OT security?
Considering the impact that a cyberattack can have on OT networks, from lost productivity to diminished safety, security teams need all the help they can get – and a shift toward proactive cybersecurity strategy for converged networks enables deployment of optimal solutions. In addition to addressing the specific security needs of these enterprises, the preferred solution should deliver a wealth of features and an agile form factor to account for restrictive space and harsh environmental conditions.
Accomplishing OT solution integration at the core while achieving cost savings and reliable connectivity is tenable by employing a robust next generation firewall (NGFW) solution capable of accommodating unique environmental challenges while affording purpose built designed in features like compact SD-WAN solution functionality specifically designed for OT environments.
Foundationally armed with a robust NGFW delivers enterprise architecture protection for the entire converged IT-OT network while eliminating potential OT security gaps that cybercriminals are seeking to exploit.
The convergence of IT and OT
The convergence of IT and OT has clearly revealed significant security risks and complexities that enterprise leaders must actively work to address to avoid the consequences of a cybersecurity event. The stakes in protecting high value cyberphysical assets and intellectual property are high as the rate of OT breaches continue to grow and costly OT business disruption impact revenue, brand reputation and safe operations. Confusion over the appropriate level of access for partners only complicates matters further.
To effectively address these challenges, IT and OT leaders must stay abreast of the latest trends and threat intelligence to gain situational awareness and confidence from the point of convergence to the plant floor. They must also deploy the right solutions – such as a compact, rugged, SD-WAN solution – that will protect their critical assets from any potential threats.
Click below to share this article