By Zac Amos
Guest Author
The lines between IT and operational technology (OT) are blurring. Once-air-gapped technologies like industrial control systems (ICS), physical access controls and building management systems are coming online in a shift known as IT/OT convergence. While this movement has many tangible business benefits, it also introduces unique cybersecurity concerns.
What Is IT/OT Convergence?
IT/OT convergence connects IT and OT systems to form a cohesive, interconnected technology environment. The Internet of Things (IoT) is at the heart of this connectivity, which brings previously offline OT systems into company networks. By connecting these systems, organizations can access industrial machines remotely, control building functions from their phones, expand automation and more.
This convergence is proliferating, with 72% of organizations in 2022 implementing industrial IoT initiatives, up from just 25% in 2019. That growth means IT/OT convergence is quickly becoming imperative to stay competitive today, but businesses must consider this movement’s risks to use it effectively.
IT/OT Convergence Security Risks and How to Address Them
Bridging the gap between IT and OT can make workplaces more efficient and offer more control, but it also exposes OT to once-IT-exclusive cyber threats. Similarly, it can jeopardize IT security through connected OT’s weak spots. Using this technology safely begins with understanding these risks.
- Minimal Built-in Security in OT: One of the most significant cybersecurity risks of IT/OT convergence is that OT systems typically lack the built-in security infrastructure of IT. That hasn’t been an issue in the past because these devices were only accessible physically. As convergence gives them remote accessibility, it introduces the risk of attackers remotely taking control of these systems, leading to more than 40% of ICS devices experiencing an attack. As new industrial IoT technologies emerge, you’ll have more secure options. In the meantime, you can manage these vulnerabilities through network-level protections. Segmenting networks to install firewalls closer to each system, encrypting all network traffic and restricting access permissions can all help. Continuous monitoring is another key step to addressing these vulnerabilities. Automated network monitoring can catch and isolate suspicious activity to mitigate attacks that OT’s limited protections fail to prevent. Similarly, some security systems enable AI monitoring of video footage to watch for physical access privilege abuse.
- Lateral Movement: Connected OT’s vulnerabilities also introduce the risk of lateral movement. Once inside a more easily hackable OT system, attackers can use its network connectivity to move to and affect other, more sensitive devices. Consequently, organizations implementing more industrial IoT endpoints may unintentionally create multiple entryways to bypass critical systems’ security. Network segmentation is the most important step to address this risk. If you host industrial IoT systems on separate networks from the more sensitive IT endpoints they don’t need to connect to, you reduce what attackers can access once inside. It’s also important to enact identity and access management controls on a device level, not just for users. Each endpoint should only be able to connect to and access what it needs to function correctly, and you should have a method for verifying device identities to grant this access safely. Keep in mind that achieving this requires increasing network transparency. Enterprises manage 135,000 endpoints on average, but 48% of these devices fly under IT’s radar. Use automated discovery and monitoring tools to find all the endpoints on your network to enable more effective access restrictions.
- Employee Error: IT/OT convergence may also increase human-error-related cybersecurity risks. The workers who manage OT systems — especially in industrial settings — aren’t used to dealing with cyber threats, as these have traditionally been exclusively IT issues. As a result, they may be more likely to make mistakes or misunderstand best practices. Increased cybersecurity training is the solution to this threat. Each employee today should undergo training on security best practices because IT/OT convergence makes every system potentially vulnerable to cyber threats. This training should occur during onboarding and as regular refresher courses throughout workers’ tenure. You can also boost compliance with cybersecurity policies by designing them to be the easiest way to operate. Repetitive security steps can lead to cybersecurity fatigue, where employees become complacent and ignore best practices. Streamlining these steps through automation and more efficient protections like single sign-on or biometric authentication will stave off that complacency, minimizing insider threats.
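The device-level access idea from the lateral movement item above can be checked against observed traffic. The following is an added example, not part of the original article: it audits flow records against a per-device allowlist and flags both devices missing from the inventory and connections a device has no need to make. The segment names, addresses, device names and flow records are all constructed for illustration.

```python
import ipaddress

# Constructed segment plan and device inventory (all values hypothetical).
SEGMENTS = {
    "ot-cell-1": ipaddress.ip_network("10.20.1.0/24"),
    "ot-dmz": ipaddress.ip_network("10.20.254.0/24"),
    "it-corp": ipaddress.ip_network("10.10.0.0/16"),
}
# Each known device lists the only (destination, port) pairs it may initiate.
INVENTORY = {
    "10.20.1.11": {"name": "plc-press-01", "allow": set()},  # answers polls only
    "10.20.1.50": {"name": "hmi-cell-1",
                   "allow": {("10.20.1.11", 502), ("10.20.254.10", 443)}},
    "10.20.254.10": {"name": "historian", "allow": {("10.10.5.20", 443)}},
}
# Constructed flow records: (source, destination, destination port).
FLOWS = [
    ("10.20.1.50", "10.20.1.11", 502),    # HMI polling its PLC: expected
    ("10.20.1.50", "10.20.254.10", 443),  # HMI to historian: expected
    ("10.20.1.11", "10.10.5.20", 445),    # PLC reaching into IT: not allowed
    ("10.20.1.77", "10.20.1.11", 502),    # source missing from inventory
]

def segment_of(ip):
    """Return the name of the segment containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None

def audit_flows(flows, inventory):
    """Return one finding per flow that violates the device-level policy."""
    findings = []
    for src, dst, port in flows:
        device = inventory.get(src)
        if device is None:
            # Traffic from an endpoint nobody has inventoried.
            findings.append({"flow": (src, dst, port), "issue": "unknown_device"})
        elif (dst, port) not in device["allow"]:
            # Known device talking to something it does not need.
            crosses = segment_of(src) != segment_of(dst)
            issue = "cross_segment_violation" if crosses else "not_allowlisted"
            findings.append({"flow": (src, dst, port), "issue": issue})
    return findings

if __name__ == "__main__":
    for finding in audit_flows(FLOWS, INVENTORY):
        print(finding["issue"], finding["flow"])
```

In practice the flow records would come from firewall or NetFlow exports, and the inventory from the discovery tooling the article recommends.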
Successful IT/OT Convergence Requires High Security
IT/OT convergence is a vital part of Industry 4.0, but it will cause more harm than good if businesses don’t address its unique security concerns. By the same token, if you recognize and address these risks, you’ll maximize the potential returns of your IT/OT convergence initiatives. Security begins with knowing what risks you face. Staying on top of industrial IoT cybersecurity trends will help you use these technologies safely.
Zac Amos is the Features Editor at ReHack, where he covers cybersecurity news and insights. He is also a regular contributor at DZone, ReadWrite, and HackerNoon. For more of his work, follow him on LinkedIn or Twitter.