The cyber security industry has focused mainly on developing solutions for Information Technology (IT) systems. However, there is now increasing attention on Industrial Control Systems (ICS) or Operational Technology (OT) systems that integrate hardware and software with network connectivity to control industrial processes. Industrial organizations are moving rapidly to take advantage of IT technologies in their OT environments to become more competitive and reap the benefits of increased efficiency and shared data. However, as more countries move towards smart cities and more operations integrate IT and OT systems, security risks to the OT infrastructure are mounting. Organizations must take proactive measures to protect their OT systems from potential cyber-attacks. Educating staff on preventing an attack is a priority, as a cyber attack can potentially cost an organization millions in losses and can have a detrimental effect across sectors.
What is OT?
Operational Technology (OT) is a category of computing and communication systems that manage, monitor and control industrial and manufacturing operations, focusing on the physical devices and processes they use. OT has been around longer than IT, as we first began using machinery and equipment powered by electricity in factories with the industrial revolution of the 18th century. However, the term is more recent, as it covers both the hardware and the software1 that manage industrial operations such as oil and gas monitoring, power plants, and production line manufacturing, to name a few.
OT is common in Industrial Control Systems (ICS), a term used to describe different types of control systems that include the devices, systems, networks, and controls used to operate and/or automate industrial processes, such as a SCADA system. Each ICS functions differently depending on the industry and is built to electronically manage tasks efficiently. Today, protocols and devices used in an ICS are used in nearly every industrial sector and critical infrastructure, such as the manufacturing, transportation, energy, and water treatment industries.2
Internet Connection Poses Risks
The “Industry 4.0” revolution has transformed how manufacturing and industrial companies operate. IT teams progressed from manual operations using less advanced electronic controls to data-driven units that rely on analytics and automated operations to drive efficiency, product quality, business decisions, and net profits.3 At the core of Industry 4.0 is the merging of OT and IT networks; in other words, the industrial and traditional corporate networks.
When IT and OT systems work in harmony together, new capabilities are discovered. Systems can be remotely monitored and managed and organizations can realize the same security benefits that are used on administrative IT systems. However, this transition from closed to open systems has generated new security risks that need to be addressed.
Traditionally, OT cyber security was not needed, as OT systems were not connected to the internet and therefore not exposed to outside threats. However, as technology innovation advanced and IT and OT networks merged, the need for OT security has grown exponentially. Devices have become IP-enabled and part of the network ecosystem. Therefore, these formerly isolated devices are no longer protected.4
Need for OT Security Grows Exponentially
Often, IT and OT networks are separate, as typically OT networks report to the COO and IT networks report to the CIO. This separation duplicates security efforts and lessens transparency. It becomes more challenging to identify the boundaries of the attack surface because these disparate teams do not know what is attached to their network, leaving OT/IT networks open with massive security gaps.
In the ICS, sensors and other controllers are now Industrial Internet of Things (IIoT) endpoints on the converged IT/OT network, which has opened organizations up to increased security risk and cyberattacks. As cyberattacks on IT networks increase and more integration of OT systems occurs, vulnerabilities are multiplying, drastically increasing the attack surface of OT networks.5
A successful attack on a control system could result in a corporate data breach, and the infiltration of an enterprise IT network could end in an ICS attack. An attack on the system can be alarming, as many OT-related networks handle critical functions such as electric power and lifesaving healthcare treatments; if they were compromised, the results would be devastating.
Security Challenges Increase
As IT and OT convergence accelerates, large gaps remain open to threats that can cost companies millions of dollars. For example, an IT service provider, Cognizant, reported $70 million in losses in one ransomware attack in April 2020.6 According to projections, cybercrime is forecast to cost the global economy $10.5 trillion by 2025, reflecting a 15% increase every year.7 In this new threat landscape, industrial IT teams struggle to secure assets and environments that were initially implemented without security in mind.
One example is the availability requirements of OT systems. Downtime for software upgrades, patches, or firmware updates is generally accepted in the IT environment but can be very disruptive and costly in some OT systems. A worst-case scenario is running an outdated software or firmware version with known security vulnerabilities, which can lead to an increased risk of attack by a potential adversary. OT systems need to be maintained in a way that minimizes downtime; otherwise, a lack of routine maintenance will increase the potential for a cyberattack.
Implementing Proactive Security Measures for IT/OT Networks
The Global State of Industrial Cybersecurity report details the results of a survey of 1,000 IT and OT security professionals conducted in Q4 2019. The results indicate that a lack of pre-existing cyber security plans and secure remote access was common among respondents who reported a difficult transition with the COVID-19 pandemic.8
The human factor is responsible for 70% of all breaches worldwide.9 Kaspersky Lab and B2B International undertook a study of over 5,000 businesses around the globe, which found that over half of businesses (52%)10 believe they are at risk from within. Staff, whether intentionally or through their own carelessness or lack of knowledge, were putting the businesses they work for at risk.
The best solution is to educate your staff about what an attack looks like and how they can prevent it. GDI shares expertise in the field with your security team, so they are aware of the latest techniques that hackers are using and learn how to protect your business successfully. We can also build a cyber security course tailored to your company’s requirements.
Training personnel and bringing more dedicated staff on board to help enforce security policies is an answer to this problem. Now, multiple businesses across the globe are looking to implement cyber security staff training. Training is essential in raising awareness among personnel and motivating them to pay attention to cyber threats and countermeasures.
Contact us today and explore our advisory and professional services such as:
- IT and OT/IoT Security assessment
- IT and OT/IoT system architecture design
- Design and Document Policies, Processes and Controls
- IT and OT/IoT Security Testing
- Managed Security Services
- Training Services
Learn more about our Cyber Security services here and contact us to explore how we can help protect your organization's OT systems.