It’s rather unfortunate, but cybercriminal activity tends to rise in times of increased stress and anxiety. 2020 has shown no shortage of either, and the proportional rise in cybersecurity attacks across all industries bears this trend out. During more stressful times, these cyberattacks often succeed for one of two reasons.

  1. Increased stress in a company’s workforce results in more human error and overlooked security concerns.
  2. A company overestimates just how comprehensive their cyberdefense efforts are. 

Both of these reasons are valid. However, with innovations such as blockchain and authentication practices doing their part to bring the margin of human error down to very low levels, reason number 2 naturally stands out as the key culprit behind why many of these cyberattacks are succeeding.

So if companies are overestimating their cybersecurity, where is the gap in their efforts? According to Fortinet, the problem may be a lack of operational technology (OT) security. A recent Fortinet survey reveals that 90% of organizations have experienced at least one OT security system intrusion in the past year alone.

What is OT?

OT, or operational technology, refers to the systems that monitor and manage industrial processes and assets such as manufacturing and industrial equipment. Unlike information technology (IT), which deals with the hardware and software that manage the input and output of data, OT deals with the industrial computers and software that manage the physical machines and processes on the factory floor.

OT hardware and software are often employed to perform very specific, simpler tasks such as controlling heat or monitoring mechanical performance. Oftentimes OT isn’t automated either, requiring human input in the form of pulling a switch or initiating a change in the normal mode of operation, as opposed to more automated programs like AI or machine learning.

Unfortunately, OT has lost a bit of brand recognition as newer industrial innovations have continued to blur the line between IT and OT. Hardware such as industrial panel PCs, for example, that would be used simply to monitor machine processes now runs IT software that stores and manages the data that dictates how machines are automated. It can get confusing, and it’s very likely that one day these lines will blur so much that we will no longer need to differentiate between OT and IT. Until that happens, however, manufacturers can’t get away with simply fortifying their IT security. Attention must continue to be placed on OT security as well.

IT vs OT Security: Key Considerations

On paper, OT security isn’t nearly as complicated and multi-faceted as IT security. This is because OT assets often run on a deterministic function. An asset is either turned on or turned off, and it performs a single task such as managing a certain process.

IT, on the other hand, is more dynamic. It draws in data from several sources and often performs different tasks based on the different scenarios it’s faced with. Because of this interconnectivity with several different sensors, software, and hardware, there are more opportunities for cybercriminals to make an attack. Usually, this requires a multi-tiered defense. Blockchain, authentication hardware, and encryption are all deployed to provide a full defense on the IT side of things.

In contrast to this layered approach to security, OT defense often requires a smaller suite of control applications. But just because the process of protecting OT systems is static doesn’t mean it can be overlooked. OT security best practices must still be followed.

OT Security Best Practices

The key to OT security best practices is to run initiatives that don’t impede efficiency. Unfortunately, this is easier said than done: according to the Fortinet survey mentioned earlier, at least half of OT professionals feel security solutions get in the way of their productivity and efficiency. Thankfully, there are some practices that can both improve your OT security and interfere only minimally with everyday operations. In many cases, these best practices can even improve daily operations.

Update Legacy Hardware

As we mentioned, OT is integrally linked to the hardware side of your manufacturing efforts. If that hardware is outdated and no longer receives security support, that’s a pretty obvious hole in your OT security plan. Malware that already exists, and has existed for a very long time, works against legacy systems that haven’t been patched in a while. Suffice it to say, those using outdated hardware and legacy equipment aren’t giving criminals many hoops to leap through to gain access to their network.

If your legacy hardware hasn’t been updated in a long time, it might be time to entertain different industrial PCs or even more portable tough tablet solutions. This doesn’t mean you have to give up on older software. It simply means finding a manufacturer who creates modern devices compatible with legacy software, such as custom mini PCs, that continue to receive support and can be customized with biometrics and ID authenticators that improve security.

Multi-Factor Authentication

Although OT hardware is physical and has sway over physical facets of your operation, accessing it for the purposes of a cyberattack still happens digitally and off-site. Unless your cybercriminals are breaking into your plant and stealing computers off your shelves, creating more barriers to logging into your network and management software can be a very effective way of stopping them.

We mentioned earlier the importance of updating legacy hardware and finding manufacturers who can support security hardware such as RFID and biometrics. To take this recommendation one step further, requiring multiple forms of identification adds another layer of defense to your OT hardware. Consider customizing your hardware with multiple types of authentication readers such as RFID scanners, biometrics, or even CAC readers that all require physical badges/identifiers. A criminal won’t be able to access these remotely even if they are able to steal an employee’s login credentials.

Boost Internal Awareness

Human error and slip-ups are going to account for a lot of security threats as stress and anxiety continue to pile up. Thus, training teams on what to expect from cybersecurity attacks is advised. This becomes even more true as more of the workforce becomes remote. Educate yourself on the most popular means of cyberattack, such as phishing scams, and pass that knowledge on to the teams who are managing important OT functions.

Threat intelligence networks can serve as a wonderful means of keeping these security concerns top of mind. A threat intelligence feed, for example, is one component of these networks that can be implemented rather easily. Essentially, it is a real-time stream of data that can be integrated into most work management software. Once installed, the feed can constantly update users on points of concern such as suspicious domains, IP addresses associated with malicious activity that have visited the company site or network, and more.
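To make the feed idea concrete, here is an added example (not from the original article or any vendor's product) that checks plant connection records against feed entries and reports each hit. The feed layout, log layout, host names and addresses are all constructed assumptions for illustration.

```python
import ipaddress

# Constructed feed (documentation-reserved ranges and .example names, not real indicators).
FEED = [
    ("ip", "203.0.113.0/24", "known scanner range"),
    ("ip", "198.51.100.77", "malware command server"),
    ("domain", "bad-updates.example", "phishing site"),
]
# Constructed connection log: timestamp, plant host, remote IP, remote name ("-" if none).
LOG = """\
2020-11-02T08:14:03Z hmi-panel-01 192.0.2.10 vendor-portal.example
2020-11-02T08:15:41Z hmi-panel-01 203.0.113.45 -
2020-11-02T08:17:09Z eng-ws-03 198.51.100.20 login.bad-updates.example
2020-11-02T08:18:30Z eng-ws-03 192.0.2.44 notbad-updates.example
2020-11-02T08:20:55Z historian-01 198.51.100.77 -
"""

def domain_reason(name, domains):
    # Match the name or any parent domain, on label boundaries only,
    # so a lookalike such as "notbad-updates.example" does not match.
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        reason = domains.get(".".join(labels[i:]))
        if reason:
            return reason

def match_log(log_text, feed):
    # Return (timestamp, host, indicator, reason) for each log line that hits the feed.
    nets = [(ipaddress.ip_network(v, strict=False), why) for kind, v, why in feed if kind == "ip"]
    domains = {v.lower().rstrip("."): why for kind, v, why in feed if kind == "domain"}
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than guess at fields
        ts, host, ip_text, name = parts
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            continue
        alerts += [(ts, host, ip_text, why) for net, why in nets if ip in net]
        reason = domain_reason(name, domains) if name != "-" else None
        if reason:
            alerts.append((ts, host, name, reason))
    return alerts

if __name__ == "__main__":
    print(*match_log(LOG, FEED), sep="\n")
```

Matching on whole domain labels and on network ranges, rather than on substrings, keeps lookalike names from raising false alerts while still catching subdomains of a listed domain.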

The Lines Between IT and OT Security Best Practices are Blurring

In the industrial sector, many are already talking about IT and OT “convergence”, the point in time where IT and OT will blend together to the point of no longer being two separate entities. That point likely isn’t very far off when you consider just how closely IT and data tech are tied to powering even the most basic levels of operation on the factory floor. Until that point, however, OT is just as susceptible to cyberattacks as IT infrastructure and must be defended just as fervently. For more information on the hardware needed to boost your OT security best practices, contact a professional from Cybernet’s team today.