Why You Need Both IT and OT Cybersecurity
It's important to focus on both IT and OT security. Focusing on one more than the other could have disastrous consequences.
Join the DZone community and get the full member experience.
Join For FreeWith cyberattacks becoming more prominent and severe in today’s society, it’s no longer sufficient to focus on only information technology (IT) or operational technology (OT) to keep systems safe. While IT concerns an organization’s online infrastructure, OT extends to the connected physical devices it uses, such as smart sensors on manufacturing equipment.
You need cybersecurity for both to maintain resiliency across an organization. Here’s a closer look at why both are necessary today and for the foreseeable future.
Industrial Connectivity Rising
The outlook for Industrial Internet of Things (IIoT) devices shows significant expected growth. One source indicated that the IIoT global sector was worth $263 billion in 2020. However, by 2028, it could surpass $1 trillion.
Many company leaders invest in the IIoT because they believe doing so is a viable way to increase overall production levels, decrease costs, minimize error rates, and more. Those benefits are possible, but a severe cyberattack could cancel them out and bring other challenges.
Another thing to keep in mind is that the lines between IT and OT security are often blurred. For example, an intrusion attempt might start with a phishing email opened and engaged with by an unsuspecting team member. That instance could create the main entry point that lets a hacker break into a system and cause far-reaching damage. Some of it may extend to the OT devices used in the everyday running of the organization.
These realities should not discourage decision-makers from implementing connected devices into their organizations. But, they must realize that increasing connectivity could cause cyberattack risks to rise, too.
One 2021 study indicated that 44% of organizations experienced a cyberattack that involved an IoT or OT device. Moreover, half of the respondents said that such attacks had increased or significantly increased over the past 12 to 24 months. In 39% of cases, cybercriminals targeted the device itself. Then, in a slightly smaller (35%) segment of instances, the perpetrators leveraged a connected product to launch a broader attack.
These takeaways show that online criminals often specifically seek products to exploit. Preparedness within the OT and IT teams is one of the best ways to combat such events.
Segmentation Could Be the Downfall of Industrial Cybersecurity
Historically speaking, the IT and OT departments often existed in separate realms. However, that kind of siloed approach doesn’t work well for keeping cyberattacks at bay.
Cybersecurity expert Rick Driggers explained that IT teams can’t protect assets they don’t know exist. He said, “You have to know and understand what OT assets you have in your environment. You have to understand how they are configured and ensure the configuration is to correct specifications. And you have to have those consistent policies and plans to be able to understand what your OT environment looks like at any given time.”
However, having the two teams work together on IT and OT security is not always straightforward. If the groups have never collaborated, they may have drastically different values and priorities, plus experience difficulty seeing how their actions could have larger impacts. The siloed approach may also mean the two teams lack a frame of reference that lets them see other perspectives.
Experts recommend focusing on the people aspect of OT-IT collaborations. That could entail having a series of meetings where the goal is to identify the shared priorities and responsibilities of the two teams. Anything that helps them see there are not as many differences among them as they first envisioned is a good start for a fruitful partnership. After finding that common ground, the next step might be to have the two groups work together on a small IIoT pilot.
It’s unrealistic to expect the IT and OT teams to start working together productively only a week after meeting each other. It becomes easier to lay the groundwork for progress once each group realizes the role they play in keeping the organization safe.
Strong Cybersecurity Supports a Company’s Reputation
Industries ranging from pharmaceutical to food and beverage have experienced the benefits of OT-IT collaborations. If you’re still on the fence about the need for IT and OT security, consider how an attack could harm the organization’s reputation within its industry and beyond.
Consider an intrusion that affects the company’s email and order management systems. Representatives may not be able to fill any incoming customer requests or even know when those correspondences arrive. People who do business with the affected company may get the impression that it’s unreliable and not worth the trouble.
Then, if the cyberattack affects OT systems, it could have a direct and negative impact on production quality, depending on what access a hacker can get. The intruder might tamper with the chemical levels in a delicate process or remotely alter a machine’s alignment. Both of those tweaks could result in product defects that cause recalls and even get people sick or injure them.
These examples show that a cyberattack often does not stay contained to one department. That’s why decision-makers should pay attention to OT and IT security without putting too much focus on only one of them. Members from both of those teams should be able to agree that protecting a company’s reputation is an effort that can bring increased profitability and resilience.
Ransomware Is an Increasing Threat
Investing in IT and OT security is also a proactive strategy against ransomware. Such attacks can cause substantial data loss and disrupted operations. Moreover, paying the ransom is not necessarily a reliable way to get the stolen information back and begin to rebuild.
A study of 2020 ransomware attacks found 56% of affected organizations paid the ransom. However, only 29% got full data restoration after that. Nearly a third (32%) reported losing a substantial amount of information despite paying the ransom.
Research conducted elsewhere polled IT and OT professionals about their specific experiences with ransomware. The results showed that 80% of respondents had experienced a ransomware attack in the past year. Plus, more than 60% paid the ransom, which usually meant giving at least $500,000 to the attackers.
Another finding was that more than 65% of those polled reported their vulnerability management strategies as moderately to highly proactive. However, the study also revealed that almost 30% of people who responded said they shared passwords. Additionally, only 44% reported using VPNs.
Even when teams think they have proactive methods against ransomware, the attacks still occur. This is another reason why you can’t and shouldn’t overlook IT and OT security.
IT and OT Security Are Essential to Keep Organizations Safe
Connected technologies can open new opportunities for the organizations that use them. However, they can also broaden the attack surface for cybercriminals. Having an all-encompassing defense means letting the IT and OT teams work together to continually enhance security and identify the areas for improvement.
Opinions expressed by DZone contributors are their own.
Comments