While information technology (IT) and operational technology (OT) were long thought to be too different to integrate, the possibility of doing so has been on the horizon for some time. However, now that industrial facilities are initiating IT/OT convergence, they’re running into novel security issues. How can they safely merge IT and OT systems?
The Potential Security Risks of IT/OT Convergence
Industrial spaces are prone to cybercrime since they have a disproportionately high digitalization rate and tend to yield to cybercriminals’ demands to avoid costly downtime. Over one-fourth of cyberattacks in 2023 targeted manufacturers — the highest share among leading industries. IT teams cannot overlook this fact when integrating IT and OT systems.
Since IT and OT have historically been separate, integration-related security issues are bound to exist. Typical solutions won’t work until this technology becomes a staple in industrial spaces because out-of-the-box solutions are tailored for IT or OT — not both. Unless professionals devise an alternative, they risk data breaches and cyberattacks.
While IT/OT convergence technically consolidates resources and increases visibility, it still expands attack surfaces. OT is meant to be air-gapped from external networks because it lacks the defenses IT systems have. Increased connectivity makes it more vulnerable to attacks. Bringing it online and forcing it to share the same network amplifies risk.
Even if both ecosystems initially merge seamlessly, they may not stay compatible for long. IT systems advance quickly, requiring near-constant updates, bug fixes and improvements. Teams are inclined to integrate the latest add-ons to keep pace with technological development and ever-evolving standards. Conversely, OT technology is meant to remain the same for years or even decades. This divergence can create openings for cybercriminals.
The sudden surge in data volume post-convergence introduces more security risks, considering many IT teams are understaffed and overworked. They may struggle to review logs and monitor network activity, and OT operators lack the training to do so themselves, meaning indicators of compromise may go unnoticed.
How Security Becomes a Safety Issue in Industrial Spaces
As if the threat of cyberattacks wasn’t enough, organizations face safety threats as well. Since OT systems are supposed to be air-gapped, integration makes them vulnerable. Whether cybercriminals take control of sensors, actuators or controllers, they can cause malfunctions and unintended behaviors.
Hackers may use the uptick in integration cases to transition from targeting industrial spaces with ransomware to threatening physical harm. While avoiding downtime is a great motivator, IT professionals are developing better workarounds and safeguards against such attacks. However, they likely wouldn’t be prepared to handle machines going berserk.
Physical harm of this kind would require costly equipment repairs and workers’ compensation payouts, and morale would plummet. However, many leaders are ill-prepared to address the issue with a united front. Since most organizations lack a joint management strategy for convergence initiatives, duplicate and conflicting policies are common.
While IT teams are unfamiliar with operational specifications, OT operators lack security knowledge. This lack of overlap may result in an unnecessarily complex integration. If one team updates code, changes access controls or adjusts permissions without approval from the other, it may break things. To safely merge IT and OT systems, they must work together.
Why Human-Centric Integration Is Vital to Success
Management may feel tempted to push forward with integration despite the risks to improve productivity and reduce costs. This decision would be unwise. Since workplace cultures and workdays are so drastically different, the meaning of top-down orders would become unclear. Progress will halt if workers don’t see the value in falling in line.
Decision-makers often overlook the human component of integration, assuming they must only consider technological compatibility. In reality, a human-centric approach is vital to success. Working together, sharing responsibilities and effectively communicating are essential for both teams.
Eliminating disparate process environments is key to a successful IT/OT convergence. Standardizing expertise, knowledge and duties across relevant internal departments and third-party vendors results in downstream efficiency, scalability and security gains. For these reasons, leaders must prioritize the human aspect.
How to Safely Merge IT and OT Systems
While no out-of-the-box solution exists yet, brands can safely merge IT and OT systems if they work these crucial steps into their roadmap.
- Secure and Standardize Communication
IT/OT convergence doesn’t apply only to technologies. Employees in both departments must also be effectively merged, as most of their responsibilities will overlap. Standardizing and securing their communication channels takes priority. They should be able to interact with each other and third parties without fear of man-in-the-middle attacks.
- Adopt a Common Software Platform
A common software platform enables facilities to consolidate resources, aggregate data streams, scale third-party reliance and support the latest industry standards. While adjusting to a new system takes time, so would finding a balance between managing IT and OT technology.
- Automate Tedious, Repetitive Processes
If teams are going to share responsibilities, effectively doubling their workload, automating tedious, repetitive processes is essential. After all, experts expect industrial automation to deliver a high degree of improvement in productivity and resilience by 2030. Automation facilitates seamless collaboration and allows professionals to address high-priority tasks sooner.
- Leverage IT/OT Convergence at the Edge
Deploying IT and OT technology at the edge involves placing devices, servers and data storage systems at or near the data collection location. Keeping everything local increases visibility, shrinks attack surfaces and closes entry points, reducing cyberattack risk.
- Secure the Internal Local-Area Network
A perimeter firewall is necessary to secure the internal local-area network, especially for those leveraging edge computing. Firms must harden their firewalls by using a default-deny policy that only allows authorized traffic.
They shouldn’t unquestioningly trust prior authorization. Strong authentication measures and centralized monitoring tools are essential.
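An added example, not part of the original article: a small Python model of the default-deny policy described above, with a first-match evaluator and an audit that flags allow rules into the OT zone that are too broad to count as authorized traffic. All addresses, ports, rule names and the 256-address threshold are constructed assumptions.

```python
import ipaddress

# Constructed sample policy; every address, port and rule name is hypothetical.
OT_ZONE = ipaddress.ip_network("10.20.0.0/16")

# Ordered allow rules: (name, source, destination, protocol, port or None for any)
RULES = [
    ("historian-pull", "10.10.5.20/32", "10.20.1.0/24", "tcp", 4840),  # OPC UA
    ("eng-workstation", "10.10.7.0/28", "10.20.2.10/32", "tcp", 443),
    ("legacy-vendor", "0.0.0.0/0", "10.20.0.0/16", "tcp", None),       # weak rule
]
HARDENED = RULES[:2]  # same policy with the over-broad rule removed


def _net(cidr):
    return ipaddress.ip_network(cidr)


def decide(rules, src, dst, proto, port):
    """First matching allow rule wins; anything unmatched hits the default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, src_net, dst_net, r_proto, r_port in rules:
        if (s in _net(src_net) and d in _net(dst_net)
                and proto == r_proto and r_port in (None, port)):
            return ("allow", name)
    return ("deny", "default-deny")


def audit(rules, ot_zone, max_src_hosts=256):
    """Flag allow rules into the OT zone whose source or port scope is too wide."""
    findings = []
    for name, src_net, dst_net, _proto, r_port in rules:
        if not _net(dst_net).overlaps(ot_zone):
            continue  # rule does not reach OT assets
        if _net(src_net).num_addresses > max_src_hosts:
            findings.append((name, "source wider than %d addresses" % max_src_hosts))
        if r_port is None:
            findings.append((name, "any destination port"))
    return findings


if __name__ == "__main__":
    # An external host reaching a Modbus port: allowed by the weak rule only.
    print(decide(RULES, "203.0.113.5", "10.20.3.3", "tcp", 502))
    print(decide(HARDENED, "203.0.113.5", "10.20.3.3", "tcp", 502))
    print(audit(RULES, OT_ZONE))
```

Running the audit on a schedule, rather than only when a rule is first approved, is one way to avoid relying on prior authorization that no longer fits.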
Ensuring Security and Safety Is an Ongoing Effort
As the frequency of IT/OT convergence increases and technology advances, industrial spaces may see security standards change and out-of-the-box solutions appear. However, they shouldn’t plan for a hypothetical, no matter how likely it is. Instead, they must proceed with implementation under the assumption that process optimization will require planning and effort.
Emily Newton is the Editor-in-Chief at Revolutionized Magazine. A regular contributor to Brilliance Security Magazine, she has over four years of experience writing articles in the industrial sector.