Accelerated by the COVID-19 pandemic, digital transformation swept the globe last year– and the once isolated, self-sufficient haven of Operational Technology (OT) has been thrust into the frontline of change.
Typically existing much longer than IT, OT hardware and software keeps things running – managing, monitoring and controlling industrial operations. However, the new IT-OT convergence trend and the Industrial Internet of Things is shaking things up, both from a technology and people perspective. The result is that major opportunities and major vulnerabilities are being introduced to industrial organisations.
To put this tsunami of change into context, Cisco estimated that the number of IoT connected devices would reach 50 billion this year (up from 20 billion in 2015). And this growth is only expected to accelerate from there, leading to connectivity for innumerable new devices. According to SAFEATLAST, the greatest concentration of these new IoT devices will be on the factory floor, which will account for just over a quarter of the market. Other key sectors are likely to include healthcare, smart cities, connected cars and transportation.
Industry 4.0
There is no denying that digital transformation is a catalyst for change and it brings with it a host of benefits for organisations, offering new peaks of productivity, efficiency and innovation. Teams are more effective and collaborative, and organisations are reaping the rewards.
When we think of manufacturing as just one example, OT to IT will enable multiple benefits such as improved efficiency and productivity as we start to see automated and data driven process. We will also start to see fewer costs and better ROI with systems managed remotely – to name but a few benefits that this will bring.
It is easy to see the positive side and why this is so enticing to organisations. However, it’s not all good news. Vulnerabilities can also arise as each new connection of OT to IT creates an entry point, potentially opening up fresh avenues of risk. The harsh reality is that IT-OT convergence is a breeding ground of mixed technology (old and new) and exposed endpoints, yet it still needs direct IT access to critical infrastructure.
What happens with IT-OT is that the legacy systems become exposed and ill-prepared and unprotected, leaving them vulnerable to cyber-attacks. As mentioned earlier with OT equipment lasts longer – it can mean that the sturdy Windows 95-based PC all of a sudden becomes comfortably integrated into the production line. Over the years the system will have worked perfectly fine, but it would have been safely segregated and isolated. This type of older technology is simply not fit for purpose when connected to today’s modern hybrid web of IT, cloud and standard-based applications which have lifecycles of months rather than decades. They are ill equipped to defend against sophisticated threats and put frankly, it can even be a challenge to connect the legacy technology to current cybersecurity solutions.
What does this all mean? The upshot is that billions of real-time data from all over the value chain could be at risk of exposure and in danger of being exploited.
Cybersecurity is no longer an option
With powerful equipment vulnerable to cyberattacks, hacks, or shutdowns, the manufacturing industry can ill-afford to put physical safety and human life in danger, the consequences are simply too high and reach far beyond financial losses. The same also applies to other sectors as we start to think about healthcare, smart cities and connected cars.
With each manufacturing person likely to have more than 1,000 IoT devices and gateways and each of these connected to tens of CNCs or PLCs, acting as digital twins of the manufacturing floor, you can see just how extensive the perimeter and number of privileged users accessing highly sensitive IT systems truly is. And there’s no getting round the security either - industrial organisations need to provide workers with privileged access to their critical infrastructure, so they must ensure that every connection – whether on-site or from a remote source – is controlled and monitored.
New Access Management technology is starting to provide manufacturers with a way to control and manage connections into systems without hindering efficiency, initially a concern for many. It’s helping by allocating - and revoking where needed - elevated privileges specific assets and blocking resources, even on the same network. Importantly, given the mass migration to working from home (data from the ONS indicated that 24% of UK workers were operating exclusively from 2020 and there’s no doubt this is much larger figure when taking into account those working flexibly), it’s able to create secure remote connections for external maintenance operations.
Other benefits include being able to monitor and record all privileged sessions for auditing and incident response needs and it helps to define and automatically terminate unauthorised actions.
Ensuring privileged accounts are wielded by the proper user through identity management is another consideration taken into account by access management, applying the principle of least privilege via just-in-time assignment of permissions to access IT infrastructure. Endpoints are also protected – critical for eliminating the risk of local admin rights.
Adapt, adopt, improve
It’s really important that with rate digital transformation at an all-time high, that due diligence is carried out too – so that industrial organisations feel empowered to move forward and take advantage of the many opportunities afforded by the convergence of IT-OT, without fearing a catastrophic security breach.
Cybersecurity has to be core to the transition and heavily involved when merging the two cultures and two worlds that until now have operated so independently. Industrial organisations must go beyond the age of perimeter security applications such as firewalls and antivirus solutions and start looking at privileged access management to truly secure their future and place in the ultra-connected world.