Operational Technology (OT) Security a Top Priority for CIOs
The convergence of operational technology (OT) and information technology (IT) networks has created a complex environment increasingly vulnerable to cyberattacks, a challenge compounded by a backlog of legacy systems, an expanding attack surface and an overstretched workforce.
According to the Cisco report, conducted with Sapio Research, which surveyed more than 1,000 industry professionals from 17 countries and 20 sectors, including manufacturing, transportation, logistics and energy/utilities, 89% of industry professionals cited cybersecurity compliance as critical.
The vast majority (92%) of executive leaders said they recognize the value of a unified cybersecurity solution.
However, 41% of firms report that their OT and IT teams work independently, indicating a significant need for improved collaboration.
Nearly half (48%) of respondents said they view AI as the most significant technological advancement poised to impact industrial networking in the next five years, with 49% expecting AI to improve network management across IT and OT.
Additionally, 63% of respondents have increased spending on industrial infrastructure over the past year, reflecting a proactive approach to addressing these challenges.
Global Events Spur OT Security Push
Richard Springer, director of OT solutions at Fortinet, said there has been an elevation of OT cybersecurity and production risk due to recent global events.
“Moreover, companies’ risk awareness processes are raising the prioritization of OT security to a corporate level,” he said.
He added these efforts are being led by the CISO and/or CIO, which often includes additional funding and resources to more adequately address their OT security posture.
Springer explained that the challenges of converging OT and IT span a wide spectrum of complexity and maturity for OT organizations.
“At the most basic, organizations are connecting their OT networks for the first time, eliminating the so-called airgap from the internet,” he said.
On the other side of the spectrum, there are OT organizations that are building out an OT security operations center (SOC) or have progressed to a joint IT/OT SOC.
Springer noted legacy systems and older OT devices, sometimes more than 20 years old, pose a tremendous challenge in these organizations.
Although these devices are very reliable, many were produced in a time when cybersecurity wasn’t a reality.
“Thus, the OT devices, because of the challenges around patching, are vulnerable and can’t be upgraded to include cybersecurity features,” he said. “Fortunately, there are several mitigation techniques, or compensating controls for these legacy and vulnerable OT devices.”
The use of a modern next-generation firewall (NGFW) with security services included will provide a secure network connection that can understand OT network, or OT protocol, traffic.
Communication Between OT, IT Teams
Jose Seara, CEO and founder at DeNexus, said that as a starting point, executives must understand the nature and severity of the cyber risks they face in the company’s OT environments, not in terms of the number of CVEs or other technical metrics but in business metrics such as value at risk and probability of cyber incidents.
From his perspective, quantifying cyber risk in financial terms and potential damage to the business (business interruption, loss of productivity, extortion, third-party liability) leads to better collaboration with the executive and board members to justify taking steps and investing in mitigating risk in OT environments.
“OT and IT teams often work under different constraints and with different goals,” he said.
If the two teams are not under the same management, it might be important to allocate IT resources to be the point of contact with OT and vice versa, with the goal of building respect and trust and starting an active collaboration with common goals.
“IT and OT leaders should communicate and collaborate constantly to align their initiatives and planning cycles and, most importantly, build trust,” Seara said.