Story image

Why operational technology environments need to be secured

24 Oct 2018

Article by Honeywell digital operations, ICT and cybersecurity leader Mirel Sehic

Buildings are rapidly embracing digitisation.

Whilst the convergence of smart technologies and physical environments has greatly improved business operations and overall capabilities, this has led to increased vulnerabilities and attack vectors not previously encountered.

For years, this challenge has brought about a heightened focus and awareness around securing corporate and more traditional Information Technology (IT) systems.

However, Operational Technology (OT) environments, which house sensitive control systems, are often overlooked, leaving them vulnerable and liable to be the weak link in the organisation.

With the proliferation of IoT technology and the evolving digitisation of industrial environments, organisations in control of critical infrastructure, smart buildings and smart cities can no longer afford to ignore the growing cyber threat risks.

Now more than ever, increasing cybersecurity assurance in OT environments is front of mind for organisations.

Why OT may be a target

In recent years, the focus on cybersecurity has been on protecting traditional IT systems and tighter controls on information security, aimed at safeguarding personal and corporate data.

But with the rise of smart digitisation technologies and the ability to extract value out of previously disconnected or air-gapped OT systems, these systems start to enter a world they perhaps weren’t originally designed for and can become a new desirable target for cyber criminals.

The advent of IoT and the increasing demand for smart technology in a more-than-ever connected world is a major contributor to the increasing threat footprint in the OT space.

These systems have traditionally been out of sight for IT departments and have often not had the same level of monitoring, protections or oversight put in place.

As such, the OT environment may be plagued by misconfiguration, vulnerable hardware and software, poor cybersecurity practices, outdated network components, and lack of general cybersecurity awareness.

It may be a big mistake to believe that your organisation is not at risk of an attack.

The reality is that many OT systems are experiencing cyber attacks similar to IT networks.

IBM managed security services (MSS) data indicates there has been an 110% increase in attacks on industrial control systems since 2016 - a threat landscape that is predicted to grow at a phenomenal rate to 2020 and beyond.

Understanding the threat landscape

The threat landscape is continuously evolving, with new attack techniques discovered on an almost daily basis.

A first step to building a strong cybersecurity ecosystem is to have an understanding and awareness of attacker motives and common cyber risk scenarios.

Attacks are being carried out by various attackers including nation-states, industrial spies, cyber criminals and curious tinkerers, as well as incidents inadvertently deployed by negligent or untrained staff.

While attacker motives shift and change almost as fast as technology evolves, the top three motivations remain - financial gain, disruption of service and theft of personally identifiable information or intellectual property.

Within the smart building environment, control systems often present easy targets, with common cyber threat scenarios including:

  • Accessing building control systems
  • Disrupting power management functions causing business interruptions as shutdowns
  • Tampering with temperature settings on HVAC systems
  • Accessing internet-connected physical security systems
  • Improper network segregation using OT systems to potentially gain access to other, more secure, environments

By understanding the cybersecurity risks in OT, decision-makers are better placed to make smart buying decisions, implement targeted OT security controls, educate personnel in effective procedural measures and maintain enhanced cyber resilience across their environments.

Creating a cyber-smart strategy

Maintaining a more secure and resilient OT environment requires a wide-ranging strategy that includes employee training, implementation of security governance and process, as well as investment in the right technology.

There is no quick fix when it comes to cybersecurity.

However, as a first step, organisations need to establish an understanding of their internal threat landscape, mapped maturity level and assessed risk appetite.

A great place to start is by conducting a cybersecurity threat and risk assessment.

This process aims to detect vulnerabilities, determine quick wins and establish the cybersecurity maturity of an OT environment.

This assessment will serve as the foundation for an overall cybersecurity strategy, underpinning the processes and procedures for more holistic risk mitigation.

These strategies will often need support from C-level executives and will require clear communication from top-down to all stakeholders and staff.

A lack of understanding internally can often lead to a breakdown in cooperation and process, which can result in an incomplete execution of strategy and contribute to successful breaches.

Developing a cyber smart strategy is a journey – one that typically involves ongoing assessment of internal processes and procedures, staff awareness programs and adoption of suitable applications – all of which are specific to a set of defined organisational requirements.

While climbing the cybersecurity maturity ladder will take time, the key is to be informed and take the first step.

Ping Identity offerings accelerates cloud MFA and SSO adoption
90% of respondents trust MFA as an effective security control to protect identity data in public clouds, yet only 60% of organisations have formally adopted it.
Trend Micro introduces cloud and container workload security offering
Container security capabilities added to Trend Micro Deep Security have elevated protection across the DevOps lifecycle and runtime stack.
Veeam joins the ranks of $1bil-revenue software companies
It’s also marked a milestone of 350,000 customers and outlined how it will begin the next stage of its growth.
Veeam enables secondary storage solutions with technology partner program
Veeam has worked with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration.
Veeam Availability Orchestrator update aims to democratise DR
The ability to automatically test, document and reliably recover entire sites, as well as individual workloads from backups in a completely orchestrated way lowers the total cost of ownership (TCO) of DR.
Nuix eyes legal sector as eDiscovery demand skyrockets
eDiscovery must encompass so much more than email and documents. If you haven’t looked at text messages and online chats, digital images, mobile devices, data in the cloud and social media, you’re not getting the whole story.
EXCLUSIVE: Forcepoint global channel chief talks strategy
As a solution sold 100% via the channel, cybersecurity solutions company Forcepoint places a strong emphasis on its partner relationships.
Salesforce continues to stumble after critical outage
“To all of our Salesforce customers, please be aware that we are experiencing a major issue with our service and apologise for the impact it is having on you."