SecurityWeek

We’re at an Inflection Point for OT and IT Operations

Operational Technology

Smart IoT Devices in Industrial Settings Have Shifted the Perspective on OT Environments From Being Reactive to Proactive

In the last decade of IT, security professionals have zeroed in on one overarching mission: identifying and containing data breaches. Not anymore. While that is still a primary goal of any security operations center (SOC), the attack surface has expanded massively in recent years. Analysts understand that the new frontier of connected devices represents the next generation of security threats. And at this year’s RSA Conference we saw a clear trend: IoT security is changing the ways IT and Operational Technology (OT) work together.

Claroty’s call-out at RSA was clear: you must effectively respond to threats with OT-specific context your existing SOC team can understand and act on. And it all starts with an assessment – understanding your current segmentation strategy, assessing weak points and building a mitigation plan. 

Smart IoT devices in industrial settings, such as energy, oil/gas and manufacturing, have shifted the perspective on OT environments from being reactive to being proactive and predicting failures. IoT and smart monitoring are particularly important in this quest, which is why OT practitioners are making serious investments in predictive analytics technology. Predictive maintenance solutions can demonstrate ROI, but security needs to be the focus in implementing such programs. Failure to implement the right controls could actually damage system availability and performance.

Almost every IoT vendor I saw at RSA also talked up the convergence of IT and OT — despite their disparate priorities — as smart IoT/OT devices continue to be integrated and networked across organizations’ digital environments. Both IT and OT teams realize the importance of security in this process, and the result is that IT staff are shifting their focus to monitoring to ensure visibility, so that OT staff can focus on production issues. But IT and OT should go beyond their siloed focus and work together in order for IT to better protect the OT environment.

OT folks – help your IT colleagues understand the role and priority of your systems and processes. These OT-related details can help IT correlate and expedite alerts for improved risk-based decisions.  

How to make OT technology secure 

Many of the answers to securing OT technology are in the OT data itself. In order for organizations to secure and efficiently optimize industrial operations, they need to make production and security data accessible and shareable across a converged IT/OT architecture, from the field network to the IT network. This will require a platform or set of integrated solutions that can both ingest data and integrate it for advanced data correlation. That integration is key for rapid access to, and analysis of, security-relevant production data.

Converged IT/OT networks typically include supervisory control and data acquisition (SCADA) systems, data historians and manufacturing execution systems (MES) that are often integrated with enterprise resource planning (ERP) and other IT systems. SCADA systems in these environments gather data from programmable logic controllers (PLCs) and remote terminal units (RTUs), analyze it and relay equipment statuses to operators and managers. 

All these devices generate troves of production data, but they can also be tapped for monitoring hacked credentials or unauthorized access. Looking at and analyzing production or process downtime and security incidents within IT/OT converged networks can provide unexpected correlations and help improve the accuracy of risk assessment. Be prepared to uncover stealthy security incidents that you’ve missed when looking at production data and security data separately.
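To make the correlation described above concrete, here is an added example (not from the original article or any vendor product) that joins production downtime records with security events on the same asset. The asset names, event names, field layout and the 30-minute lookback are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (assumption: not from any real plant or product).
# Production side: downtime records as a historian/MES export might hold them.
DOWNTIME = [
    {"asset": "plc-line1", "start": "2023-03-01T10:15:00", "end": "2023-03-01T10:40:00"},
    {"asset": "rtu-pump7", "start": "2023-03-01T14:00:00", "end": "2023-03-01T14:20:00"},
    {"asset": "plc-line2", "start": "2023-03-02T08:05:00", "end": "2023-03-02T08:30:00"},
]
# Security side: authentication and access events as a SOC would collect them.
SECURITY = [
    {"ts": "2023-03-01T10:02:00", "asset": "plc-line1", "event": "login_failed", "user": "eng1"},
    {"ts": "2023-03-01T10:05:00", "asset": "plc-line1", "event": "login_ok", "user": "eng1"},
    {"ts": "2023-03-01T10:09:00", "asset": "plc-line1", "event": "logic_download", "user": "eng1"},
    {"ts": "2023-03-01T09:00:00", "asset": "rtu-pump7", "event": "login_ok", "user": "ops2"},
    {"ts": "2023-03-02T08:20:00", "asset": "plc-line2", "event": "login_failed", "user": "unknown"},
]
# Hypothetical event names treated as worth an analyst's attention.
SUSPICIOUS = {"login_failed", "logic_download", "unauthorized_access"}

def correlate(downtime, security, lookback_minutes=30):
    """Pair each downtime window with suspicious security events on the same
    asset, from `lookback_minutes` before the outage started until it ended."""
    lookback = timedelta(minutes=lookback_minutes)
    findings = []
    for d in downtime:
        start = datetime.fromisoformat(d["start"])
        end = datetime.fromisoformat(d["end"])
        hits = [
            s for s in security
            if s["asset"] == d["asset"]
            and s["event"] in SUSPICIOUS
            and start - lookback <= datetime.fromisoformat(s["ts"]) <= end
        ]
        if hits:
            hits.sort(key=lambda s: s["ts"])
            findings.append({
                "asset": d["asset"],
                "downtime_start": d["start"],
                "events": [(s["ts"], s["event"], s["user"]) for s in hits],
            })
    return findings

if __name__ == "__main__":
    for f in correlate(DOWNTIME, SECURITY):
        print(f["asset"], f["downtime_start"])
        for ts, event, user in f["events"]:
            print("   ", ts, event, user)
```

Viewed separately, the failed login on `plc-line1` and the line stoppage thirteen minutes later are each unremarkable; joined on asset and time, they become one finding for the SOC to triage.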
