The growing number of cyberattacks against critical industries, along with the increasing integration of advanced technologies like the mix of AI and the Industrial Internet of Things (IIoT), has highlighted the need for industrial organizations to take greater ownership of operational technology (OT) security. The cybersecurity industry has historically focused on information technology (IT) challenges; however, digital transformation has accelerated the convergence between OT and IT.
As business leaders continue to rely on IT security strategies to defend OT systems, the reality is that these methods often do not translate to the unique needs of OT.
Facing an escalating number of OT-related vulnerabilities and sophisticated cyberattacks, the gap among enterprises in specialized OT cybersecurity is increasing. In fact, according to ESG and ISSA, 54 percent of cybersecurity professionals say that the skills shortage has gotten worse over the past two years. So, hiring trained security professionals who can skillfully deploy, manage and maintain secure environments is becoming a daunting process.
With this in mind, let's explore the unique cybersecurity issues impacting OT environments and how to mitigate the ongoing "people problem” plaguing OT security.
The OT Environment is ... Unique
The imperative to bolster OT security arises from several crucial factors, ranging from physical safety to the necessity of zero downtime.
High-profile cyberattacks, such as supply chain and ransomware attacks like the SolarWinds and Colonial Pipeline breaches, targeted industrial control systems (ICS) and critical infrastructure systems (CIS). They underscored vulnerabilities within OT environments. These attacks emphasize the importance of robust cybersecurity measures that differ from the usual IT setups. Isolation in this case is key, as many OT systems limit connections as much as possible, and even remain offline.
OT environments control and monitor physical processes in industries like manufacturing, energy, and transportation, and the potential for cybercriminals to breach systems capable of causing physical harm to workers or disrupting critical resources like water and power, is imminent. Much more stringent controls are needed to keep the environment tightly closed but flexible enough so they don’t interfere with crucial business operations.
The zero-downtime rule adds to the complexity of the environment. While IT can be temporarily paused for upgrades and patches, OT systems, often decades old, cannot afford interruptions. The continuous operation of these critical systems, combined with the need for specialized support for outdated technologies, requires security leaders to identify the right mix of controls and tools.
The Complex ‘People Problem’
The long-standing IT-focused mindset that many CISOs and board members still have continues to affect critical OT security aspects, such as the hiring process. A lack of required skills significantly impacts the implementation of effective solutions aimed at handling ongoing threats within OT systems.
The most pressing hurdles to effectively securing OT environments without the necessary skill sets include:
- The Persistent IT-centric view of OT amid growing IIoT integrations . The integration of IIoT devices has introduced a complex 'people problem.' As businesses continue to accelerate the adoption of IIoT tools, their exposure to cyberattacks is substantially elevated. Yet, as vulnerabilities rise, there remains a gap in the necessary knowledge to defend against these new attack vectors and address the increased demand for vigilant defense. With the number of newly connected devices rising among enterprises, there must be more emphasis on acquiring skilled professionals to implement proper strategies. Skills are transferable. As CISOs in many organizations take the role of managing and safeguarding OT environments, they need the support of specialized teams to help them mitigate threats in their hybrid environments and bolster the security of critical operational systems.
- Accelerating automation without security considerations. Smart manufacturing facilities depend on automation (e.g., AI and ML) to enhance worker safety, operational performance and overall efficiency. However, AI technologies can’t protect themselves from cyberattacks. In fact, new AI models are often difficult to understand and require unique knowledge to properly secure. Without specialized skills to handle these ever-evolving systems, attackers can exploit the vast amounts of data that AI tools often require – leaving critical environments vulnerable to potentially devastating attacks. AI has been leveraged to enhance the work of industrial teams, but with an increasing number of people involved in the access and use of said tools, controls that safeguard these new implementations must be a priority.
Enhancing Security Through the People Process
The imperative to bolster OT security is undeniable, given the increasing number of cyberattacks, the growing integration of advanced technologies, and the unique challenges that OT environments face.
Technology alone won’t mitigate the attacks in OT security's’ evolving threat landscape. By integrating the specialized skills needed to secure OT environments, organizations will be empowered with the proper strategies and solutions to effectively defend against evolving threats. Ultimately, increasing the safety of their workers, and keeping their mission-critical systems up and running.