- October 15, 2019
By Rick Peters, Fortinet
Digital connectivity brings significant advantages to organizations, such as being more responsive to market demands and changes while gaining deeper insight into equipment and processes. Conversely, this shift in connectivity also increases the risk to critical elements such as control and automation operations that constitute the cyber physical.
By Rick Peters, Operational Technology Global Enablement Director, Fortinet
On a global scale, manufacturers are rapidly connecting and expanding their respective enterprise environments to the IT network. This new digital connectivity brings significant advantages to organizations, such as being more responsive to market demands and changes while gaining deeper insight into equipment and processes. Conversely, this shift in connectivity also increases the risk to critical elements such as control and automation operations that constitute the cyber physical.
According to a new IDC white paper on operational security for manufacturing environments, 88% of manufacturing operational assets are now connected to a converged IT/OT network. This is a strong indicator that digitalization efforts are transforming manufacturing environments, making them increasingly reliant on the availability of data to perform critical tasks. This ongoing IT/OT convergence should also be a catalyst for the implementation of robust security measures designed to protect these newly exposed environments.
The Challenges of Converging IT and OT Security Objectives
While security is clearly an important objective of such modernization, it is easier acknowledge the need than to accomplish in timely fashion. Historically, IT has owned the cybersecurity strategy for an organization, with the OT network often isolated from risk either through a hardened perimeter or by being air-gapped from the IT network. Now that the manufacturing floor is being connected to the IT network, the first impulse of the security team is to extend existing security devices and strategies into the OT environment.
This is often the first, and one of the most significant hurdles that need to be addressed when considering how to best secure the OT network. Even before connectivity is established between the IT and OT environments, security teams must gain a clear understanding of what new assets they are trying to protect. And the most effective way to do that is for the security team to proactively engage frontline OT personnel to identify the environment’s most critical assets and critical points of risk. The next significant hurdle involves aligning the objectives of the manufacturing environment with those of IT. The traditional priorities that drive IT security (confidentiality, integrity, availability, productivity, and Propriety) reflect quite the contrast to an OT environment where safety and continuous operations equate to unique abolutes (Availability, Integrity, Productivity, Confidentiality, and Propriety). In some manufacturing environments, ensuring the safety and security of workers, and even the surrounding community, is an even higher requirement – a concern that IT rarely if ever has to consider.
While not completely indifferent to maintaining data integrity and protection, the primary objective of the manufacturing operation is to safely optimize productivity and throughput while maintaining the continuity of operations. That unique posture is all about avoiding unplanned downtime due to a system failure or security event as such events can cost the organization upward of hundreds of thousands or even millions of dollars per hour.
Of course, IT has characterized financial concerns of its own that underpin the necessity of well defined strategies and countermeasures to address cybersecurity . In the US, according to one IBM study, the average cost of a security breach is $3.86 million, and in the United States, that number jumps to $7.9 million.
As a result, according to the IDC report cited above, “the notion of converging IT and OT is about finding a way to address the divergent priorities while safely enabling the best of modern technology capabilities. As manufacturing organizations seek to engage in IT/OT convergence, they must look for ways to overcome the biggest impediment to enacting IT/OT convergence: the issue of security.”
Getting to Common Ground
Addressing the convergence challenge requires that both the IT Security and OT subject matter experts be open to ways of approaching securing that are neither too restrictive, nor an impediment to production. They must also visualize security as essential to maintain business value and create trust with customers. This understanding can help guide the security team in how to best achieve those objectives.
One of the best places to start, according to the IDC report, is to understand the commonalities that can ensure alignment between the IT and OT teams. And more than anything else, that common thread in today’s global digital marketplace is data. Both IT and OT environments generate and rely on data, and it is the sharing of that information that is driving convergence efforts. But in protecting that data, two ideas must remain paramount: First, traditional IT security policies, while a reasonable starting point, must take into account critically unique OT priorities. Second, as cybercriminals increasingly target potentially vulnerable OT systems, any security strategies in place must be flexible enough to scale, adapt, and ultimately mitigate the growing sophistication of attacks without compromising OT’s operational objectives.
Companies that are able to successfully align their IT and OT security strategies with the digital goals of the organization will be better positioned to minimize the frequency and impact of security-related threats. At the end of the day, protecting these high value OT assets, including the physical manufacturing environment itself, is a common goal on which all key stakeholders can agree.
About the Author
Rick brings more than three decades of cybersecurity and global partnering experience working across foreign, domestic, and commercial industry sectors at the National Security Agency (NSA). As Fortinet’s Operational Technology Global Enablement Director, he delivers cybersecurity defense solutions and insights for the OT/ICS/SCADA critical infrastructure environments. Prior to Fortinet, Rick led development of cyber capability across Endpoint, Infrastructure, and Industrial Control System technologies. Previously, Rick also served as an executive leader supporting the Information Assurance Directorate at the NSA.Learn More
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe