IT and OT Teams in Critical Infrastructure and Manufacturing Companies Must be Able to Proactively Manage Risk
As IT and security professionals, we know that change is constant. In fact, part of what defines us is our ability to adapt to change and the faster we adapt, the more successful we will be. The change we encountered in 2020 was unprecedented and had a dramatic impact on our operational technology (OT) environments – accelerating and sometimes recasting how we address the following four key areas.
1. Digital transformation. Well before the pandemic, companies in critical infrastructure and manufacturing sectors had already started to improve their traditional manufacturing processes and move to the cloud and SaaS applications. Many also had some type of remote access solution in place so that manufacturers of the industrial control systems that compromise OT networks could service existing machinery per their contracts. Then came the COVID crisis and digital transformation across all sectors accelerated significantly. Driven by the need to increase productivity and top line revenue to stay competitive, companies prioritized digitization and the convergence of IT and OT networks expanded dramatically. Supporting a surge in requests for remote access is the most obvious example – extending connectivity to additional user groups, including employees and third parties, who had previously provided critical services on-site.
2. Business opportunities. We also saw an acceleration of business opportunities in critical infrastructure sectors such as life sciences and pharmaceuticals, and food and beverage. For companies in these sectors, the OT side is their business – it’s what drives revenue. To take advantage of these opportunities, organizations are increasingly looking for new ways to optimize processes and reduce costs through automation; Internet of Things (IoT) and smart devices are becoming essential to improving OT operations.
3. Cyber threats. Another change is an increase in the number and types of cyber threats. Organizations in critical infrastructure sectors can’t risk downtime, which has contributed to the IT/OT security gap. Yet as their OT and IT networks converge, more legacy OT assets become internet-facing, and they introduce more IoT devices to their environments, the security gap widens and the door for attackers opens further. The U.S. National Security Agency (NSA) and Cybersecurity Infrastructure Security Agency (CISA) alert back in July and last month’s CISA warning of unknown cyber-threat actors targeting the COVID-19 vaccine supply chain, highlight the need to reduce exposure of OT environments, the increased capabilities of attackers, and the urgency and severity of the risk.
4. OT security. The connection between improving competitiveness and improving security is increasingly apparent at the board level. Business leaders in these sectors are becoming more educated on the prevalence and severity of these threats and are exploring new ways of mitigating risk and creating business continuity plans. They realize they have spent years protecting their IT networks, but as they look towards more IT/OT convergence to increase business performance and competitiveness, they recognize that their OT networks remain exposed. Just when they can least afford a compromise, they are most vulnerable. So, business continuity plans are number one on their list driven by a holistic approach to risk mitigation.
As we start to see a light at the end of the tunnel with the pandemic, the way we manage our businesses will change permanently, and therefore the technology we use to support it will change permanently as well. To take full advantage of this confluence of changes and move forward securely, IT and OT teams in critical infrastructure and manufacturing companies must be able to proactively manage risk.
This starts with full visibility into all the assets in your OT environment and the function they perform, so that you can identify vulnerabilities and detect suspicious behavior more effectively and efficiently. Asset identification isn’t a one-time activity but must be a continuous process to understand new gaps and risks as they emerge. With a complete picture of asset information, agentless solutions that are purpose built for continuous threat monitoring can help you identify and track threats that cross the IT/OT boundary. IT and OT teams can then work together to secure the converged enterprise without risk to productivity or downtime. And to tackle one of the toughest challenges facing industrial cybersecurity practitioners today, secure remote access solutions with strict controls over sessions provide off-site access to OT environments while minimizing the substantial risks introduced by remote workers.
The world will go back to some degree of “normal,” but it will not go back to the pre-pandemic baseline. How we work has changed forever. Fortunately, as security professionals, we know we can adapt to change and play a pivotal role in helping our organizations transition smoothly.
Learn More About Industrial Cybersecurity at SecurityWeek’s ICS Cyber Security Conference Series
