IT/OT Integration success can be attributed to three key elements: people, process, and technology.
According to the U.S. Department of Homeland Security, operational technology (OT) operators were the most targeted sector of industrial cyber-attacks in 2015, making IT and OT integration more important than ever for industrial businesses.
The introduction of networks into the industrial space has created a more efficient and capable production environment by enabling simultaneous communication to multiple devices. The ability to constantly monitor the systems’ health, track their operation time, and receive instantaneous alerts to potential failures gives the operational branches of the industrial businesses great advantages in maintaining productivity. While this is great, the reality is that most OT functions lack the requisite security to protect unauthorized access from external sources.
Until recently, these distinct technologies were kept entirely separate from one another. Accordingly, the departments that operate them had few, if any connections.
– How IT/OT Collaboration Holds the Key to Manufacturing Security, Infosecurity Mag
Successful integration of IT/OT environments can be measured through the lens of the cybersecurity triangle – people, process, and technology. In fact, every aspect of a cybersecurity program can be assessed using the cybersecurity triangle approach because each element must be in place to maintain a secure environment. For example, while technology is an important part of cybersecurity, it cannot protect an organization without people and process. This approach enables stakeholders to identify the strengths and weaknesses of the current security environment and act accordingly.
By improving OT/IT collaboration, any organization using an industrial network, be it a critical infrastructure or manufacturing site, can improve its security position and enable IIoT business opportunities.
– How IT/OT Collaboration Holds the Key to Manufacturing Security, Infosecurity Mag
Using the cybersecurity triangle, let’s look at the three essential elements of a security program: people, process, and technology.
OT/IT People
More than any other aspect of the OT/IT integration, people are the most important aspect of the equation. While all three sides are necessary, the gap which exists in the people aspect for successful OT/IT integration is the largest. The gap doesn’t exist because of any negligence or lack of understanding of the issues, but it does exist because the processes required to resolve the gaps have not been given the correct priority.
The OT world, as discussed in my last post, has been a rather enclosed world since its inception. This was due to the specialties required to operate in the OT world. For the Energy sector this means electrical engineers. They are the backbone of the OT environment. This backbone does not have the training, knowledge, or security acumen to properly address a networking OT environment. This is not because of a lack of interest, but mostly due to a lack of time and resources.
The best way to address the people problem is through training. Electrical engineers need to take an interest in cybersecurity courses to understand how the networking world functions. They do not need the in-depth courses some may be thinking of, but an overview of the risks and concerns in a networking environment. This will bring a level of understanding to the OT environment, but it will also enhance the attitudes of the OT engineers when security measures are implemented. No one enjoys the additional security controls to protect a network (ok, maybe some do), but by showing the risks involved by not following security protocols, the electrical engineers are more likely to follow those more restrictive procedures.
The other aspect of the people equation belongs with the IT personnel. IT personnel are primarily concerned with keeping the network running and implementing controls to ensure the greatest amount of uptime. This is not too different from the OT personnel, but IT personnel have a little bit of a leeway as their outages only affect the business and not the entire region. Yet the IT personnel need to understand the requirements of the OT environment. While the ICS/SCADA portion of OT has been networked and controlled for a long time now, the OT environment consisting of substation assets is relatively new for networking technologies. By ensuring both the OT and IT personnel understand the requirements of the others working environment will the personnel gap be closed.
Stay tuned for part two covering the process and technology aspects of a successful OT/IT Integration.
Idenhaus Consulting specializes in Identity and Access Management (IAM) and enterprise Cybersecurity to help organizations solve the most challenging IAM problems. Contact us for more information.
