New developments are also undermining the adequacy of current OT cybersecurity strategies. Increased remote access, particularly from personal devices, has expanded the ways attackers can compromise critical systems. Digital transformation has also weakened OT system defences through broad connectivity with cloud apps and external systems and through the introduction of potentially insecure, unmanageable IoT devices.
A more challenging threat environment is further pushing the limits of what is required to protect industrial systems. Nation-state attackers and cybercriminals are using sophisticated techniques and malware that overcome traditional defences. Industrial companies need active defence programs to stop sophisticated attackers before they impact operations and threaten worker safety.
The safety and operational risks of operating facilities with these kinds of cybersecurity gaps shouldn’t be accepted. Smart companies will invest in people, processes and technologies to ensure that defences are properly maintained, new developments are properly addressed and the impacts of sophisticated attacks are minimised.
IT/OT cybersecurity convergence addresses security gaps
While companies increasingly appreciate the serious gaps in conventional industrial cybersecurity programs, addressing these issues is challenging. The global shortage of cybersecurity professionals, particularly those with OT experience, makes it difficult to hire additional staff. Operating constraints limit the access that security teams need to keep defences updated. Emphasis on isolation as the primary defence constrains visibility of vulnerabilities and abnormal system behaviours.
An onslaught of new cybersecurity challenges also diverts everyone’s attention from existing problems. Today, security teams have to develop security strategies for cloud data in motion and at rest, apps that are being moved to the cloud, remote access users and all their devices, and new IoT devices and embedded systems, and they have to provide secure environments for edge compute platforms. The fluidity of all the deployment options makes it impossible for companies to maintain security unless they have:
End-to-end security solutions that span every endpoint and communication pathway
Centralised management of consistent security policies
Zero trust security for every step of every system interaction
Though plants and facilities will struggle to make the needed investments in OT cybersecurity, most companies already have IT security teams to deal with these issues. Those that don’t will certainly need to make investments in IT security. Converging IT and OT cybersecurity programs provides a way to leverage these capabilities and investments to improve OT cybersecurity.
There will always be core OT-specific cybersecurity issues that require unique people, processes and technologies. But this doesn’t mean that they can’t be addressed as part of a converged cybersecurity program. Trying to maintain siloed IT and OT cybersecurity programs will only frustrate efforts to address existing & emerging security challenges and increase the risks of deploying new business strategies that integrate traditional IT & OT systems with cloud, IoT and mobile solutions.