Convergence of IT & OT is clearly a double-edged sword.
Failure to take the wide range of security issues into account when converging these two very different networks and networking philosophies can result in catastrophic network failures that can cost millions in lost productivity and inventory.
By Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet.
“When it rains, it pours.” That saying has never been more true than for the current impact of digital transformation on security teams charged with protecting IT and OT networks. Today’s CSOs and CISOs find themselves at a crossroads in the transition of their role within an organization. They not only serve as security experts, but also guide business decisions to ensure that security is woven into the expanding infrastructure. The challenge is that this has to be accomplished effectively, efficiently, and comprehensively, because there are simply not enough skilled cybersecurity professionals to address the expanding, convergence-driven security challenges.
At the same time, the unprecedented proliferation of IoT devices challenges security solutions to identify, secure, and monitor more devices and higher volumes of traffic than ever. The challenge is broader still because networks are expanding into new ecosystems, such as multi-cloud, mobility, and SD-WAN. Further complicating matters, much of the security technology currently in place simply doesn’t scale into these new environments. In spite of this, IT teams are required to extend security into these new domains without leaving gaps in policy implementation or enforcement, while not overburdening the limited IT resources that are available.
The rapid expansion of the attack surface exacerbates the demand on security professionals and creates a scenario in which dropping the ball on security becomes likely. At the same time, the demands of the new and evolving digital economy compound the consequences of any lapse in security. Adversaries and motivated cybercriminals deploy increasingly sophisticated attacks to accomplish extortion, espionage, and even sabotage.
The Security Implications of Converging IT and OT
Nowhere are the implications of these security challenges more apparent than in the convergence of OT and IT networks. For many cyber-physical organizations, OT is the fuel that drives the success of the business. Manufacturing floors, assembly lines, inventory management, and production lines provide the goods and services that consumers demand. It is imperative in today’s digital marketplace to be able to respond to consumer demand as quickly as possible, so many organizations are looking to bring IT efficiencies and solutions into a network environment that has traditionally run in isolation.
Convergence is clearly a double-edged sword. Failure to integrate IT and OT environments means that production lags behind demand and market share can be quickly lost to competitors that are simply more nimble. On the other hand, failure to take the wide range of security issues into account when converging these two very different networks and networking philosophies can result in catastrophic network failures that can cost millions in lost productivity and inventory.
Contrasting IT and OT System Values
A significant component of the challenge is that IT and OT networks are founded on very different, and often highly contradictory, priorities. IT networks generally follow the well-established Confidentiality/Integrity/Availability (CIA) model. The emphasis is on ensuring the confidentiality of critical data, transactions, and applications, then maintaining network and data integrity, and only then ensuring the protected availability of networked resources. These priorities tend to be the basic building blocks of any IT security strategy.
Conversely, OT networks depend upon and operate with an exactly inverted model. The safety and availability of resources is the topmost priority. Assembly lines, furnaces, generators, and other large systems simply should never go offline. Monitoring critical systems, such as pumps, valves, and thermostats, is essential, since any system error can translate into huge financial loss and pose catastrophic risk to the life and well-being of workers and communities.
The integrity of those systems is the second-highest OT priority. As a result, systems that are functioning as designed are rarely patched, updated, or changed. The operative model is, “if it ain’t broke, don’t fix it.” In most instances, devices such as HMI workstations or controllers may operate without changes for years or even decades, both because taking them offline impacts availability and because any hardware or software change typically requires a full retest of the OT system.
Confidentiality, the third component of the OT value model, receives far less attention. OT networks have historically addressed it by simply being air-gapped from the IT network and the internet. Within the network itself, however, most OT environments were designed around implicit trust. It is not unusual for an engineer to be able to control any Programmable Logic Controller (PLC), the devices that drive manufacturing processes such as assembly lines or robots, anywhere in the OT network from a single laptop. That design makes it easy to rapidly troubleshoot issues happening anywhere in the plant or factory, but it also means that once the air gap is gone, any host that can reach a PLC can command it.
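The following is an added illustration, not code from the article or from Fortinet: a toy model of the implicit-trust write path described above, placed beside a hardened version that adds the controls a converged network needs at the OT boundary, namely zone-based source allow-listing, authenticated write commands, and replay protection. The PLC, its register names, the subnets, the shared key, and the command format are all constructed for this example; no real industrial protocol is modelled.

```python
"""Added example: implicit-trust PLC writes versus a hardened write path.
Everything here (registers, subnets, key, command format) is constructed
for illustration and models no real industrial protocol."""
import hashlib
import hmac
import ipaddress


class LegacyPlc:
    """Implicit-trust model: any host that can reach the PLC may write any register."""

    def __init__(self):
        # Constructed sample process state.
        self.registers = {"valve_1": 0, "pump_speed": 1200}

    def write(self, src_ip, name, value):
        # No check on who is asking: reachability equals authority.
        self.registers[name] = value
        return True, "ok"


def sign_write(key: bytes, seq: int, name: str, value: int) -> str:
    """Hypothetical command authentication: HMAC-SHA256 over a canonical
    'seq|name|value' string. The sequence number is covered by the tag, so a
    captured command cannot be replayed with a different counter."""
    msg = f"{seq}|{name}|{value}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class HardenedPlc:
    """Same register map, but a write must come from the engineering zone and
    carry a valid, fresh authentication tag."""

    def __init__(self, key: bytes, engineering_zone: str):
        self.registers = {"valve_1": 0, "pump_speed": 1200}
        self._key = key
        self._zone = ipaddress.ip_network(engineering_zone)
        self._last_seq = 0  # highest sequence number accepted so far

    def write(self, src_ip, seq, name, value, tag):
        # Control 1: segmentation. Hosts outside the engineering zone (for
        # example the converged IT LAN) cannot even attempt a write.
        if ipaddress.ip_address(src_ip) not in self._zone:
            return False, "source outside engineering zone"
        # Control 2: authenticated command, compared in constant time.
        expected = sign_write(self._key, seq, name, value)
        if not hmac.compare_digest(expected, tag):
            return False, "bad authentication tag"
        # Control 3: freshness. A replayed command has a valid tag but a
        # sequence number that is not strictly increasing.
        if seq <= self._last_seq:
            return False, "replayed or stale sequence number"
        if name not in self.registers:
            return False, "unknown register"
        self._last_seq = seq
        self.registers[name] = value
        return True, "ok"


def demo():
    """Run the same write attempts against both models and return the outcomes."""
    key = b"constructed-shared-key-not-for-production"
    legacy = LegacyPlc()
    hardened = HardenedPlc(key, "192.168.50.0/24")  # constructed engineering zone

    it_host = "10.0.5.20"       # constructed: workstation on the corporate LAN
    eng_host = "192.168.50.10"  # constructed: engineering laptop in the OT zone

    results = {}
    # 1. A compromised IT-side host tries to open valve_1. The legacy PLC
    #    obeys; the hardened PLC refuses on zone alone, even with a valid tag.
    results["legacy_from_it"] = legacy.write(it_host, "valve_1", 1)
    results["hardened_from_it"] = hardened.write(
        it_host, 1, "valve_1", 1, sign_write(key, 1, "valve_1", 1))
    # 2. The engineer's laptop issues a properly signed write.
    tag = sign_write(key, 1, "pump_speed", 900)
    results["hardened_from_eng"] = hardened.write(eng_host, 1, "pump_speed", 900, tag)
    # 3. The same signed command, captured and replayed from inside the zone.
    results["hardened_replay"] = hardened.write(eng_host, 1, "pump_speed", 900, tag)
    # 4. A fresh sequence number but a tag computed for a different value
    #    (command tampered in transit).
    results["hardened_tampered"] = hardened.write(
        eng_host, 2, "pump_speed", 0, sign_write(key, 2, "pump_speed", 900))
    results["legacy_state"] = dict(legacy.registers)
    results["hardened_state"] = dict(hardened.registers)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Because a decades-old controller usually cannot be changed to add authentication, in practice the zone check and the command validation shown in `HardenedPlc` are enforced at a boundary device between the IT and OT zones rather than on the PLC itself; the point of the example is which checks have to exist somewhere on the path once the air gap no longer provides them.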
Converging IT and OT environments is essential for many organizations to compete effectively in today’s digital economy. But unless great care is taken and the needs of the OT environment are fully understood, convergence hands adversaries a broadened attack surface. Both criminally motivated and nation-state cyber actors can carry out a wide array of attacks with severe consequences, including lost revenue, damaged brand reputation, significant damage to physical plant, and even lost lives. Action to protect critical infrastructure, and specifically converged cyber-physical assets, is an absolute imperative on a global scale. Rethinking and implementing a strategy that enforces a designed-in cybersecurity framework will enable OT system owners to move forward confidently in a digitally transformed business while sustaining safe and continuous operations.