Security Experts:

Got Critical Infrastructure? Then You Should Know How To Protect It

Both IT and OT Teams Should be Able to Quickly Access and Analyze all Data Relevant to Their Needs

Industrial Control Systems (ICS) are key to keeping critical infrastructure such as electric grids, nuclear facilities, oil & gas refineries, wastewater treatment plants, manufacturing operations, and more running and safe. In fact, much of what underlies the goods and services being produced and offered across the globe rely on ICS in some form, whether it be in production, transport or operations. Knowing how entrenched these systems are in our working society, we have a good reason to be concerned about the security of ICS. 

The primary goal should always be safety — no injuries, damaged environments, or threats to critical infrastructure like airports. Other goals include IP protection and service availability. All of these require keeping systems running, a strong security posture and optimized resource use. Here are the top trends to look out for to make this possible.

Smart operational technology will become standard

The explosion of inexpensive devices and sensors, coupled with accessible data technology, is completely changing the industrial landscape. IoT is flooding industrial settings like manufacturing and transportation as forward-leaning organizations find innovative ways to leverage operational technology (OT) data. This connected network is automating tedious tasks, improving worker safety and freeing up resources. 

This trend calls back the introduction of mobile technology to the workforce. Much like mobile devices expanded the attack surface as “bring your own devices” (BYOD) became widespread, IoT devices and sensors are flooding industrial environments at once boosting productivity while increasing risk. It’s hard to have the former without the latter. In this light, it becomes imperative for organizations to have visibility and control across their devices that are part of the information and operational technology stacks.  

Predictive maintenance powered by machine learning takes over

Given the proliferation of smart technology across operations in industrial settings, more organizations will start embracing predictive measures to complement the preventative work they are already doing. More data points coupled with better ways of processing and visualizing that data will allow organizations to optimize maintenance cycles and resource use. With operations up and running, directors of manufacturing and operations managers can better focus on cybersecurity instead of constantly worrying about costs and safety. 

Critical infrastructure Security At the heart of this paradigm shift in maintenance and operations will be machine learning and artificial intelligence — and it will do more than alert when things are about to breakdown. For instance, anomaly detection and alert triggering built around machine learning will become increasingly seamless, allowing operation managers to focus on high-priority issues and tasks. Don’t miss the leap forward.

Regulation for manufacturers spurs on quality control and assurance

We must remember regulation and compliance, especially in industries like the automotive and healthcare. Manufacturing in these spaces has only become more complex with more stringent compliance requirements. All component, manufacturing equipment, and operator actions have to be tracked and monitored for compliance. 

The cloud and the recent explosion of Industrial IoT — the introduction of new technology and processes in general — could make compliance difficult. New technology can be a double-edged sword when it comes to meeting new standards and regulations, as new tools, processes and training are introduced. Hiccups are bound to occur so prepare and take rigorous measures to assure quality and compliance. 

Operational Technology and IT converge 

OT and IT systems in industrial environments have increasingly converged over recent years. Human Machine Interfaces (HMIs) are commonly used to send commands to field or factory equipment. Intelligent devices in OT networks are connected to IT infrastructures to enable better, faster data-driven decisions. As a result, segmentation policies has become common practice in these environments, but lack of visibility and control as more integration takes place generates risk for operational technology. Attacks can either start in IT and OT environments and move laterally. Imagine if an ICS connected to valves, gauges or equipment gets compromised and what it could entail. 

As industrial environments become more complex, data-type and data-source agnostic technologies need to be employed. Both IT and OT teams should be able to quickly access and analyze all data relevant to their needs. 

In short, ICS security is critical and will take an evolving approach to handle effectively. IoT will become the norm, smart technology will enhance operations management and execution, and technology stacks will converge as interconnectivity across systems becomes more common. Ensure you’re ready and avoid the repercussions that could arise if your industrial systems are compromised. 

Learn More at SecurityWeek's ICS Cyber Security Conference

view counter
Seema leads product marketing for Splunk’s emerging markets group and is responsible for Splunk’s Internet of Things (IoT) and Business Analytics solutions. In this role, she works closely with Splunk customers to help them understand how valuable insights from machine data can be applied to solve real-world business problems. Prior to Splunk, Seema served in product marketing roles at DataStax, Birst, and Actuate (OpenText). She has a Bachelors in Engineering from the University of Pune, India and a Masters in Computer Science from USC. Please don’t ask her to do basic math.