The cyberthreat to industrial operations is rising steadily. ABI Research and Palo Alto Networks revealed in a recent report that more than three-quarters of industrial organizations surveyed experienced a cyber-attack last year. And about 25 percent of survey participants said that at least once last year, a successful attack caused them to shut down operations. At the same time, threats are becoming more widespread due to cybercriminals’ growing sophistication and the expansion of the attack surface via next-generation technologies such as remote access and 5G.
Due to the frequency of attacks, along with increasing cybersecurity regulation for critical infrastructure, industrial operators are struggling with implementation. The fact that OT and IT teams are typically not aligned is a major barrier. Since 72 percent of OT attacks have their origin on the IT side, this lack of alignment is monumental.
To upgrade industrial operations cybersecurity, it’s time to bridge the divide between IT and OT.
Who is Responsible for OT Cybersecurity?
The majority of industrial operators recognize the critical nature of cybersecurity for their OT environments. However, as noted above, one thing that makes OT security difficult is that threats usually come from the IT side. Consequently, IT and OT teams can’t bolster security by working separately; collaboration has become a necessity.
This is easier said than done, though. There are hurdles that hinder the creation of a collaborative framework, particularly in terms of security investment. The three main contributors to the slow collaboration process are:
- New processes must be devised.
- OT and IT security use different tools.
- Employees with varying skill sets and objectives must work together.
In addition, there is friction between OT and IT when it comes time to buy new products and services and make other decisions. Just 12 percent of participants reported that IT and OT were in alignment regarding decision-making, and 39 percent said there was tension between the two sides. This divergence has its roots in the traditional roles both sides have played. Historically, IT oversaw the whole organization’s security, and OT (until recently) didn’t have much reason to focus on that. The OT team only had to focus on industrial operations.
If OT security is to improve, the silos and the tension between OT and IT must be dealt with. As modern manufacturers continue to converge their OT and IT technology and systems, they must create comprehensive security strategies that overcome the threats and vulnerabilities of both environments.
OT and IT will need to increase their communication so they can coordinate decision-making efforts. IT has valuable experience about which solutions are best at defeating threats, and OT has expertise about the particular challenges and requirements of OT assets. Both sides must have a say in not only buying decisions for critical security products and services but also in developing collective policies and practices for security. This involves collaboration on activities such as tabletop exercises to get a stronger grasp of possible security issues and how to address them.
In the process of collaborating more on decision-making and strategy, OT and IT teams will also need to converge their security solutions. Seventy percent of survey participants said that for the sake of streamlining, they will combine solutions from both environments that come from the same cyber security provider. More than 50 percent of respondents plan to work with the same Managed Security Service Provider (MSSP) for both environments.
This kind of convergence requires effort. Not all providers have security solutions for both OT and IT, and manufacturers must make sure that their choice can provide security across both without stinting on either. Even with the effort required, 79 percent of participants feel confident that IT and OT security will be integrated and managed by a converged set of solutions.
Creating OT/IT Synergy
As threats become more numerous and sophisticated, manufacturers need stronger cybersecurity. OT and IT teams must coordinate and consolidate their efforts to meet this challenge – no longer can they safely work separately. The two realms are now inherently connected, requiring dissolution of silos and creation of a collaborative framework. This approach also needs a way to converge security tools and acquire solutions that can meet all the needs of the OT landscape.
These steps will create the synergy needed to strengthen industrial cybersecurity.