As the two contrasting worlds of IT and OT converge, cybersecurity is no longer merely an IT problem. With the rise of IoT, organizations face a much broader and less controlled threat landscape.
The convergence of IT and OT (Operational Technology) has become increasingly popular. With it comes a new set of security issues, and organizations struggle to make the converged landscape safe and secure. The last couple of years have seen a rise in the number of attacks, mostly ransomware-based, and most of them come from garden-variety criminals who now have the tools to take serious aim at OT systems.
According to a recent research report by Risk Based Security, the number of reported breaches increased by 33% over 2018 numbers, with a total of 7.9 billion exposed records—making 2019 one of the worst years in cybersecurity history.
The Threat Landscape
The industry has seen increased convergence and connectivity between formerly isolated OT environments and the IT business systems inside organizations. A hunger for data is one of the driving forces behind this convergence, but it is not the sole driver. The larger motive is that businesses are using more centralized and cloud-based data analytics to power their manufacturing. But as the separation and isolation between the two continue to shrink, the threat landscape has grown significantly.
IT/OT convergence made OT devices reachable from IT networks through lateral movement, and malicious entities realized the tremendous impact they could cause, along with the financial profit and publicity they could gain. These attack types align with socio-economic trends and global computing. The significant drivers for these attacks include the rapid rise in IoT devices and connections, the coronavirus pandemic, and the growing number and sophistication of cybercriminals using ransomware for financial gain.
Fortunately, organizations are starting to realize there is a significant gap between the priorities of OT and IT teams, which has a substantial effect on cybersecurity initiatives.
Bridging the Gap
The attacks from ransomware, IoT botnets, and COVID-19-themed malware will continue to grow. With the continually shifting and adapting threats, it’s essential to maintain high cyber resiliency and fast response capabilities. Security gaps related to people, processes, and technology have an enormous impact. The separation of IT and OT in organizations with increasingly connected IT, OT, and IoT systems can lead to blind spots. Hence, it is crucial to have the right technology in place and focus on best practices to increase visibility and operational resiliency.
To safely achieve convergence between different parts of the networked environment, it is vital to treat them as one security domain and understand the risks and attack types across the two environments. Syncing the two environments into one security domain requires building bridges across system architectures and technologies.
It is essential to ensure that the stakeholders involved in security are on the same page, and that everyone is seeing the same tools, looking at the same data, and responding to the same events. With everyone looking at the same set of data and agreeing on the same set of priorities, organizations can focus on the fundamental similarities between many threats and attacks, and take action to diminish the risk to the company.