Understanding the Impact of IT-OT Convergence on Cybersecurity:

An Engineering Viewpoint

Understanding the Impact of IT-OT Convergence on Cybersecurity

Thank you for reading Understanding the Impact of IT-OT Convergence on Cybersecurity Authors: I. Nitin Jain Global Delivery Head, L&T Technology Services II. Atanu Niyogi Senior Delivery Manager, L&T Technology Services

The pace of digital transformation is picking up. A direct result of this journey has been the growing convergence between IT (Information Technology) and OT (Operational Technology). Seen as two distinct functional areas even a few years ago, the increasing overlap between the two key technologies has accelerated the development and deployment of IIoT (Industrial Internet of Things) solutions. These include network sensors for remote monitoring and smart systems for a whole range of areas including energy management – driving production optimization and enhanced business efficiency across industries.

The expansion of the IIoT ecosystem is proving to be a game changer, with complex machinery now being installed with sensors and managed by advanced analytics solutions. Organizations are leveraging the growing convergence to derive a single view of their industrial systems, delivering accurate information to the relevant decision makers at the right time and in the best format.

This transition from manual to automated systems has, however, resulted in a host of new security risks that need to be addressed effectively. Manufacturers need to strategize effective means of mitigating these challenges as industrial systems become more interconnected and hence, more vulnerable to a breach or a cyberattack. The disruption caused by a cyberattack, with its concomitant costs to organizational reputation and machinery, therefore, are some of the key factors driving manufacturers to seek new ways of protecting their industrial networks.

Cybersecurity Threats: A Looming Specter

In the last decade, several malwares including, Aurora, Havex, NotPetya, and Stuxnet have laid bare the cyber vulnerabilities stemming from a breach in the organization’s OT network. While steps have been taken to counter these known threats, new challenges continue to emerge.

The urgency of mitigating these cyberattack incidents is underscored in the survey by the Ponemon Institute and Tenable, which reported that about 90% of the IT decision-makers surveyed were upfront with the fact that their organization had suffered at least one cyberattack in the past two years. 66% of the respondents further admitted to being at the receiving end of these incidents at least twice during the same period.

Ensuring Security in the OT landscape

From an IT perspective, cybersecurity is concerned with ensuring data integrity, availability, and confidentiality. However, this mindset needs to undergo a change when handling OT environments, where the priorities are around ensuring the reliability, uptime, maintainability, and safety of a range of mission-critical systems. These systems include such vital components like SCADA (Supervisory Control and Data Acquisition), ICS (Industrial Control Systems), and DCS (Distributed Control Systems).

What we need to realize here is that the IT technology landscape changes every three years, while the OT framework is in place for usually decades, if not more. As a result, most of the OT implementation falls behind the evolving cyber threats, the result of which does not require elaboration.It is primarily due to this inherent legacy framework that OEMs are currently focusing on improving their OT reliability, safety, and OEE (Overall Equipment Effectiveness) by leveraging the potential offered by enterprise networks and the internet. While the convergence exhibits the potential for helping organizations develop a robust stance against cybercrimes, it also comes with a series of risks if these are not managed properly.

Business leaders must therefore increasingly focus on the three following barriers as they drive towards integrating their existing IT-OT infrastructure:

1. The security stance adopted by their respective IT and OT teams

2. The lack of security expertise in the legacy OT environment

3. Continuity of the operations running on legacy technologies

In addition, organizations must also take stock of their existing distribution of responsibilities around security, and the absence of suitable skills and tools to counter the cyber threats. The skill gap was highlighted in an online survey by leading cybersecurity firm NTT Security, where it was found that the lack of skills is one of the key challenges facing companies trying to address their cybersecurity risks. What needs to be noted here is that a majority of IT decision-makers are still unsure about who is responsible for driving OT security within the organization, a confusion that adds to the chaos.

Attaining Cyber-Resiliency: The Necessary Steps

Overcoming current cybersecurity loopholes and improving the organizations’ current stance towards OT security requires the implementation of a joint IT-OT cybersecurity strategy. While this may initially seem to be an unattainable target owing to the existing boundaries between IT and OT, businesses need to explore all possible avenues to create a plan for combining their capabilities in this area.

Given the fact that IT-OT convergence is not an industry-specific phenomenon, the resultant cybersecurity strategy will vatu across domains and verticals. Organizations must therefore keep the following in mind while defining their individual security roadmaps:

Assess threats and vulnerabilities:
An effective cybersecurity plan is built from the ground-up through an astute and exhaustive assessment of potential IT-OT risk scenarios. Since these two independent environments have historically relied on disparate technology stacks, a disconnected analysis of vulnerabilities will never yield an accurate picture. Companies must therefore lean towards a seamless knowledge sharing mechanism between these two groups to facilitate a deeper understanding and better realization of cross-silo synergies. Horizontal integration through cross-training of the IT and OT teams on system vulnerabilities in the twin-technology ecosystem can prove to be a gamechanger.

Establish clear roles and responsibilities:
Historically, the members of the IT and OT teams have had different responsibilities. As the two ecosystems continue to merge, the practitioners in their domains can face challenges arising from confusion and uncertainties about their role in the new environment – a scenario that can undermine the overall security focus. Clearly establishing the roles and responsibilities of all members at the initial stages is, therefore, a vital step towards a smooth transition and is key towards establishing a strong foundation for cybersecurity. However, organizations should also remember here that IT-OT security needs to be recognized as a single function under a unified leadership that understands both IT and OT equally well.

Redefine Existing Processes:
The converged landscape would involve leveraging IT to make optimum use of OT. Processes would play a key role in this ecosystem, as the ability to leverage the OT data streams using IT resources will be the key determinant of success. In the absence of clearly defined processes that can adequately leverage and ensure security of the data streams, the unified system could potentially be hamstrung by a host of risks including, data theft; malware, insider, or zero-day attacks; and many more. Robust processes that can help avoid these scenarios would therefore be vital for a reliable IT-OT cybersecurity strategy.

The Road Ahead
The IT-OT convergence trend will continue to strengthen as organizations become increasingly aware of the benefits of real-time data analytics and the subsequent informed decision making by leveraging their IT-enabled assets in the OT space. While this would also lead to the rise of new cybersecurity challenges, collaboration between the IT-OT teams would be vital in mitigating these risks. IT providers would need to think beyond mere data security, and look to incorporate RAMS of OT systems as an integral part of their testing and development model, while OT practitioners would need to embrace the new frontiers offered by IT. Only then would we have a secure and unified ecosystem that ensures continued business success.

LTTS Advantage
LTTS has a holistic vision towards developing and delivering the next level of cybersecurity for plants. As a major global ER&D company with robust capabilities in the cybersecurity space, the Company has several long-standing partnerships with global ICS OEMs and is acutely aware of the developments in the domain.

With a deep knowledge of OT Security, LTTS team has helped successfully driving several plant security assessments and implementations of secure process, network in the manufacturing, O&G sector. It is attuned to the unique challenges facing its customers and is constantly upgrading skillsets and offerings for unlocking business value across verticals and industries.