SecurityWeek

We’re at an Inflection Point for OT and IT Operations

Smart IoT Devices in Industrial Settings Have Shifted the Perspective on OT Environments From Being Reactive to Proactive

In the last decade of IT, security professionals have zeroed in on one overarching mission: identifying and containing data breaches. Not anymore. While that is still a primary goal of any security operations center (SOC), the attack surface has expanded massively in recent years. Analysts understand the new frontier of connected devices represents the next generation of security threats. And at this year’s RSA Conference we saw a clear trend: IoT security is changing the ways IT and Operational Technology (OT) work together.

Claroty’s call-out at RSA was clear: you must effectively respond to threats with OT-specific context your existing SOC team can understand and act on. And it all starts with an assessment – understanding your current segmentation strategy, assessing weak points and building a mitigation plan. 

Smart IoT devices in industrial settings, such as energy, oil/gas and manufacturing, have shifted the perspective on OT environments from being reactive to being proactive and predicting failures. IoT and smart monitoring are particularly important in this quest, which is why OT practitioners are making serious investments in predictive analytics technology. Predictive maintenance solutions can demonstrate ROI, but security needs to be the focus in implementing such programs. Failure to implement the right controls could actually damage system availability and performance.

Almost every IoT vendor I saw at RSA also talked up the convergence of IT and OT — despite their disparate priorities — as smart IoT/OT devices continue to be integrated and networked across organizations’ digital environments. Both IT and OT teams realize the importance of security in this process, resulting in a shift of focus for IT staff on monitoring to ensure visibility so OT staff can focus on production issues. But IT and OT should go beyond their siloed focus and work together in order for IT to better protect the OT environment. 

OT folks – help your IT colleagues understand the role and priority of your systems and processes. These OT-related details can help IT correlate and expedite alerts for improved risk-based decisions.  

How to make OT technology secure 

Many of the answers to securing OT technology are in the OT data itself. In order for organizations to secure and efficiently optimize industrial operations, they need to make production and security data accessible and shareable across a converged IT/OT architecture, from the field network to the IT network. This will require a platform or set of integrated solutions that can both ingest data and integrate it for advanced data correlation. Such a platform is key for rapid access to and analysis of security-relevant production data.

Converged IT/OT networks typically include supervisory control and data acquisition (SCADA) systems, data historians and manufacturing execution systems (MES) that are often integrated with enterprise resource planning (ERP) and other IT systems. SCADA systems in these environments gather data from programmable logic controllers (PLCs) and remote terminal units (RTUs), analyze it and relay equipment statuses to operators and managers. 

All these devices generate troves of production data, but they can also be tapped to monitor for hacked credentials or unauthorized access. Analyzing production or process downtime together with security incidents within converged IT/OT networks can provide unexpected correlations and help improve the accuracy of risk assessment. Be prepared to uncover stealthy security incidents that you missed when looking at production data and security data separately.
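The correlation described above can be sketched as a time-window join between downtime records and security events. This is an added example, not code from the article or from any vendor; the asset tags, event names, record layout and the 30-minute lookback are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the article): historian downtime records
# and IT-side security events, keyed by a hypothetical asset tag.
DOWNTIME = [
    {"asset": "PLC-07", "start": "2024-03-04T02:14:00", "end": "2024-03-04T02:51:00", "cause": "unplanned stop"},
    {"asset": "RTU-12", "start": "2024-03-04T09:30:00", "end": "2024-03-04T09:45:00", "cause": "scheduled maintenance"},
    {"asset": "PLC-03", "start": "2024-03-05T14:00:00", "end": "2024-03-05T14:20:00", "cause": "unplanned stop"},
]
SECURITY = [
    {"time": "2024-03-04T02:02:10", "asset": "PLC-07", "event": "login_failed", "user": "eng_ws1"},
    {"time": "2024-03-04T02:03:45", "asset": "PLC-07", "event": "login_success", "user": "eng_ws1"},
    {"time": "2024-03-04T02:09:30", "asset": "PLC-07", "event": "logic_download", "user": "eng_ws1"},
    {"time": "2024-03-04T09:20:00", "asset": "RTU-12", "event": "login_success", "user": "maint_01"},
    {"time": "2024-03-05T08:00:00", "asset": "PLC-03", "event": "login_success", "user": "op_02"},
]
# Assumed policy: these event types near an unplanned stop deserve review.
SUSPICIOUS = {"login_failed", "logic_download"}

def correlate(downtime, security, lookback=timedelta(minutes=30)):
    """Return unplanned stops with suspicious events on the same asset
    between (start - lookback) and the end of the stop."""
    findings = []
    for d in downtime:
        if d["cause"] != "unplanned stop":
            continue  # planned work is expected to show engineering access
        start = datetime.fromisoformat(d["start"])
        end = datetime.fromisoformat(d["end"])
        related = [
            e for e in security
            if e["asset"] == d["asset"]
            and e["event"] in SUSPICIOUS
            and start - lookback <= datetime.fromisoformat(e["time"]) <= end
        ]
        if related:
            findings.append({
                "asset": d["asset"],
                "start": d["start"],
                "events": [e["event"] for e in related],
                "users": sorted({e["user"] for e in related}),
            })
    return findings

if __name__ == "__main__":
    for finding in correlate(DOWNTIME, SECURITY):
        print(finding)
```

Viewed separately, the PLC-07 stop looks like an equipment fault and the failed login looks like a typo; joined on asset and time, they become one incident for the SOC to review.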
