Cybersecurity threats are top of mind for executives across industries. According to the Allianz Risk Barometer, cyber incidents are the number one concern for companies globally this year ahead of business interruption and natural catastrophes — and it’s easy to see why. Companies are concerned about everything from ransomware and phishing scams to more sophisticated attacks by bad actors intent on stealing trade secrets, disrupting services or even causing damage to critical infrastructure.
In the age of the Internet of Things (IoT) and connected devices, anyone and anything could be a target. That includes operational technology (OT) in the industrial space — a market that has a plethora of soft targets for adversaries to potentially compromise — and yet goes largely unchecked due to the siloed nature of these operations.
Historically, OT and information technology (IT) teams have had different priorities and goals, essentially functioning as two units operating separately. But that kind of approach won’t cut it in this era of heightened cyber threats. As OT components go from being stand-alone, independently operated pieces of equipment to being connected to broader IT networks, these endpoints have become susceptible entry points for bad actors. That means to help reduce the risk of cyberattacks, it’s not enough to simply recognize the convergence of OT and IT; firms need to build a cybersecurity function that can ensure cross-collaboration between these two different teams. Here are four tips to make that a reality in any organization:
Start at the top
To integrate all aspects of security — both physical and cybersecurity elements — security leaders need enterprise leadership to get involved early and set the course. Given these systems and functions within the organization have operated separately for decades, if not longer, there’s bound to be some differences in how things get done. After all, connecting a physical security system to an IT network is big ask.
For example, when thinking about implementing a video surveillance system, the OT team may not be considering the cyber risk of that new asset… but hackers may. Collaboration is the best way to help reduce that threat. With leadership teams involved, get buy-in to prioritize both physical and logical security and establish a checks and balance system. Using the video surveillance example, make sure IT is involved in approving equipment so they can flag concerns and mitigate risk. Additionally, provide appropriate employee education, including establishing awareness and training programs. This level of leadership and collaboration is critical to protect the organization as a whole.
Put a technology roadmap in place
Technology is evolving at a breakneck pace. New innovations and security offerings are hitting the market just as quickly. Organizations need a plan for how they’ll keep up and how they’ll make decisions about priorities and processes. What technology will the organization implement? What equipment is needed? What policies need to be in place? These questions require input and collaboration from both IT and OT to ensure the plan is successful. While the process can feel overwhelming, consider leveraging products and technologies from reputable brands that can provide extensive expertise and technical support. And to streamline the process, working with a technology partner or integrator may help make sense of what is needed and what is not. These organizations have already spent time vetting the options, ultimately saving the security team time and money.
After spending the time to identify, implement and integrate organizational systems, don’t leave out the most critical piece to safeguard the infrastructure — maintenance. System updates, firmware upgrades and the like are necessary to address vulnerabilities both known and unknown, but they cannot be done without proper coordination in this interconnected world.
For example, scheduling a software update might require an OT system such as a lighting or energy monitoring application to go offline. For a manufacturer, these systems are mission critical, and any downtime can have devastating business consequences as delays generate profit losses on already slim margins. Similarly, if OT systems are hit by a cyberattack, the typical IT approach of a quarantine and shut down may not be feasible. And a patch process cannot be randomly executed to solve the problem as it may break the connections on the network and cause a net new issue.
To avoid this scenario, involve facilities from the start and map out who from both IT and OT will be responsible for maintenance, upgrades and patches. Beyond the four walls of the organization, ensure everyone in the supply chain is knowledgeable and aware of known industrial control system (ISC) vulnerabilities as this will help avoid unnecessary vulnerabilities.
Despite the best laid plans, bear in mind that these are active, interconnected and dynamic systems. It’s impossible to separate physical and cybersecurity elements, as their role in business operations is so foundational. As the landscape for new technologies and best practices change, adapt along with it. Ensure the lines of communication are open, management maintains involvement in the process, and all the key parties across IT and OT are committed to working collaboratively to strengthen every element of security. These tenets will help manufacturing organizations stay nimble in the face of an ever-changing security landscape.
As the convergence of IT and OT continues, the risk of cyberthreats will continue to rise along with it. Building a collaborative security team across both IT and OT will help to reduce organizational risk and fortify critical infrastructure. By involving leadership, setting a plan, and staying adaptable as things change, security leaders will be armed with a comprehensive security approach that supports near-term needs and offers long-term business sustainability.