The year 2021 presented challenges for cyber security, specifically for operations technology (OT). There was a massive rise in the sheer number of cyberattacks on industrial targets, critical infrastructure, governments, and individuals.

Cyberattacks on OT networks have impacted operations in large manufacturing plants, critical infrastructure sites, utilities like water treatment plants, fuel distributors, and even hospitals. And as attackers get more experienced in attacking OT networks, they’re managing to cause increasingly severe damage.
Yet, despite the growing prevalence of attacks against them, some persistent myths remain about OT networks themselves and the actual dangers these attacks pose. To dispel some of these OT myths, OTORIO and Arrow highlight a list of common OT misconceptions, and what you need to know about the evolving field of OT cybersecurity.
Top 5 OT Cyber Myths
MYTH #1
Attackers prefer targeting IT, not OT systems or infrastructures
Historically, attackers focused more on IT systems than OT systems. Things have changed. Today attackers are specifically targeting OT networks that form the critical backbone of society, including power, water treatment, and industrial manufacturing facilities. As OTORIO’s CEO Daniel Bren highlighted in a recent blog post, we’re facing a ‘perfect cyber storm’ of legal, policy, production, and business risks for OT networks today. Critical infrastructure companies in general, and energy companies in particular, are consistently being targeted, meaning their OT networks – just like their IT networks – need continuous risk assessment, monitoring, mitigation, and management.
MYTH #2
Air-gapped production floors are secure
Air-gapping solutions for the production floor and critical infrastructure were once considered effective against cyber threats to operational industrial processes, but this is no longer the case. Today’s production floor is connected – there’s no way around it. Connected systems streamline production management; however, they can expose OT systems to the outside world. Air gapping is a cybersecurity strategy that is no longer viable for industrial and critical infrastructure players.
MYTH #3
IT and OT security needs are separate
IT-OT convergence has created many new opportunities, but also many dangers. Industry 4.0 spelled the end of traditional OT-IT separation. When companies began implementing digital solutions in their OT networks to enhance automation, add smart devices, make data more available, and interconnect networks for convenience, the line between OT and IT networks blurred. OT networks are not only more exposed themselves; they also serve as gateways, facilitating easier access to IT assets in interconnected networks and access to native cyber-physical assets in the OT network itself.
MYTH #4
Intrusion Detection Systems prevent OT attacks
Industrial Intrusion Detection Systems (IDS) automatically detect malicious attacks based on sensors that monitor network traffic, analyze protocols, and perform Deep Packet Inspection (DPI) and anomaly detection. By design, this technology alerts and reacts to activities in the network. However, an IDS does not block or prevent attacks against OT networks. It uncovers them. An IDS needs to be part of a comprehensive OT network security plan that includes both security technology and experienced staff to run it.
MYTH #5
With OT Security, you can “set it and forget it”
Just like IT security, OT security is not a static domain. A single machine may consist of tens of different connected assets in a rapidly digitizing industry. Machine manufacturers need to ensure that every device they deliver is secured and meets regulatory and customer requirements. What’s more, machines must remain secure not only upon delivery and commissioning but throughout their entire lifecycle. OT security requires that machine manufacturers constantly verify that their equipment complies with ever-changing security policies and threats, notify their customers upon discovering new vulnerabilities, and provide clear remediation guidelines in real or near-real time.
How OTORIO and Arrow Can Help
To meet the challenges of OT cyber security, OTORIO offers its cutting-edge OT cybersecurity platform and solutions alongside Arrow’s comprehensive portfolio of Edge Cybersecurity Services offering OT cybersecurity risk assessment, penetration testing, and incident response services. Together, OTORIO and Arrow help industrial and critical infrastructure stakeholders ensure the safety, efficiency, throughput, quality, and uptime of the devices, control systems, and networks critical for running industrial processes.