A few new security challenges for the industrial control systems (ICS) sector have pushed aside the culture clash between IT and OT operators. In the days before SolarWinds and smart device source code snafus, “That won’t work for OT” was a regular refrain.
The United Kingdom and the European Union take IT security very seriously, and various government efforts have made them global leaders in protecting citizens’ data and privacy. Unfortunately, these efforts mainly neglect the particular and substantial threats that operational technology (OT) poses to industrial operations that are critical to millions of people’s safety and well-being.
In 2016, the EU took two key measures toward enhancing cybersecurity. To begin, the Network and Information Systems (NIS) Security Directive was introduced in the United Kingdom in 2018, with the legislation affecting operators of critical services such as electricity, water, and transportation. Second, the General Data Protection Regulation (GDPR) was implemented. The NIS directive recognizes the economic and societal harm that IT system failure can cause. GDPR regulates the privacy and data of EU citizens and holds businesses accountable for protecting that data.
Increasing the level of integration between OT and IT systems
OT is in charge of managing and controlling the physical assets and processes that support a country’s vital infrastructure. From managing supply chains and production lines to operating heating, ventilation, and air conditioning (HVAC) systems, businesses rely on these systems. Dams, sewage treatment plants, and even traffic signals are all under the direction of government-OT. OT systems, which were once created as proprietary stand-alone systems, are now frequently IP-addressable and coupled to traditional IT systems. Administrators can now control systems from afar and collect useful information about processes. Unfortunately, it also makes these systems vulnerable to attacks and breaches from the outside world.
For the past 30 years, OT and IT systems have been linked. This networking allows for more efficient management of physical systems, but little care is given to securing newly vulnerable OT. Traditionally responsible for cybersecurity, IT departments are often unaware of the links established to industrial systems and are unaware of the special requirements and issues offered by OT. Furthermore, many OT managers are unfamiliar with cybersecurity.
People are, in the end, the greatest threat to adequately safeguarding these industrial systems.
The cultural difference between IT and OT
The IT and OT teams have grown up in distinct worlds and have different goals. Only about a third of firms evaluated indicated their IT and OT teams have a cohesive security strategy, according to a Ponemon Institute research report on The State of Industrial Cybersecurity. According to the report, the cultural barrier between IT and OT teams has an impact on the ability to secure both the IT and OT environments.
This disparity is unsurprising. IT and OT systems developed with distinct purposes in mind, and there are still significant distinctions in how the two types of technology are managed.
Production availability and physical safety are prioritized by OT’s emphasis on physical operations. Threats to OT, in particular, can jeopardize company operations as well as human health and safety. OT physical security requirements can clash with standard IT cybersecurity requirements. For OT, availability is crucial, and downtime is viewed as “the enemy.” As a result, OT isn’t updated on a regular basis, and unsupported legacy systems with known security vulnerabilities continue to perform.
Creating a sense of urgency
Despite the fact that a comprehensive solution for OT security will be a long-term process, immediate action is required. State-backed adversaries will continue to expand their cyber capabilities against key infrastructure and operational systems, according to the EU’s 2021 assessment of the cyber threat landscape. Hackers-for-hire, who operate for both governments and private companies, are also providing their skills to circumvent operational and industrial restrictions.
Understanding what OT is, what it does, and how it connects to other IT systems is one of the first steps in improving industrial cybersecurity. The requirements for security can then be established, and plans can be made to implement them.
For more such updates follow us on Google News ITsecuritywire News