<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=522217871302542&amp;ev=PageView&amp;noscript=1">

OT – whose responsibility is it anyway?

May 30, 2019 10:21:36 AM Bart Van Moorsel Operational Efficiency, IoT Security, Network Security, Security Services

Many businesses rely on machines to help them provide goods or services. Think of a car factory and you’re reminded of the robotic machines used along the production line. These machines are what we call operational technology (OT).

OT, much like IT, has come a long way over the past couple of decades, propelled by digitalisation and the constant drive for improved efficiency.  As OT has become more sophisticated, it has also found itself connected to the network or even the internet. This can and often does make OT vulnerable to cyber threats. Translated this means if someone decides to carry out a cyber-attack on an organisation’s OT, then the risk is the production of goods and services might come to a grinding halt.

The IT world has grown up with the risk of cyber threats and as such is well-practiced in developing strategies to enhance the cyber security posture. For instance, most IT teams will think about the risk of cyber threats on a daily basis. Whereas operational technology has not traditionally sat with the IT teams. Instead it tends to belong to production teams or services teams located in the core of the business. Network enabling or internet enabling their OT is introducing them to the complex and sophisticated world of cyber security. Because of this, sometimes it can be difficult to know whose responsibility it is to secure OT.

IT specialists need to be involved from the start when it comes to securing OT effectively. Too often, the department who will benefit from the deployment focuses solely on these benefits and not the vulnerabilities it might create for the business.

OT threats are on the up.

Thanks to technologies such as Industrial Internet of Things (IIoT) and OT networks, attack surfaces are getting larger and with them the risk to businesses.

Attacks on OT climbed 10 per cent between 2017 and 2018. While they differ in their intent, events such as the WannaCry attack on the Taiwanese Semiconductor Manufacturing Company show how cybercriminal knowhow, nation-state threats and internal exposure can combine to create a perfect cyberattack storm.

OT is often an easier target than a modern sophisticated data centre, not forgetting successful attacks can have a crippling impact on an organisation. Ultimately OT devices are yet another endpoint that hackers view as a potential gateway into valuable networks.

What can be done?

Traditional security components such as firewalls are not nearly enough to manage the traffic produced and transported over an OT network. As such, having the IT department be responsible for OT networks—and not industrial production or resource departments as is often the case—is critical.

As digitalisation in industry quickens, efforts to secure industrial control systems are struggling to keep pace. Despite growing concerns, traditionally air-gapped OT is increasingly being used alongside connected devices to drive efficiencies and minimise downtime.

Until security becomes a priority, enterprises—particularly industrial organisations—are leaving themselves open to attack.

OT solutions are increasingly dependent on IT infrastructure and services, further justifying the need for greater IT involvement. Employees should be educated on good security hygiene, such as changing passwords and spotting phishing emails. There is good reason that laws have now been passed outlawing default passwords, and that’s because it makes a lot of sense. Enterprises need to apply this same spirit of cyber hygiene to their entire OT rollout.

The number of devices connected to the internet for OT purposes is only going to increase and it is crucial that IT teams know about them and that they know about them from the start. Short term operational benefits pale into comparison against the damage a large-scale shutdown that can be caused by a cyber attack. The seriousness of such an attack cannot be understated; an attack on a company’s OT is an attack on its core operations. As OT continues to grow, the channel should work with its customers to educate them and their staff to ensure that best practice and security are at the heart of every OT rollout.


Bart Van Moorsel

Written by Bart Van Moorsel


see all