June 21, 2019 By Michael Rothschild

In the world of IT security, there are not many instances in which data is lacking. The issue is more often what to do with the mountains of data once you have it. Due to this deluge of information, security administrators need to reduce false positives and generate more accurate data to escalate the threats that matter and sift out the noise.

Of course, there are many tools available today to help you harness data to prioritize threats in your IT network. But can that same data help with threats in your operational technology (OT) network?

3 Things You Should Know About IoT Security for OT Networks

Conversations about cybersecurity often revolve around personally identifiable information (PII) and financial breaches. But industrial processes for automakers, pharmaceutical manufacturers, power and utility companies, and other types of businesses require protection from any incident that can negatively impact the product yield. If threats are targeted toward ingredient amounts, temperatures, air bags, or any other element core to productivity or human safety, the impact can be far worse than that of stolen credit cards.

Let’s consider three of the most critical factors affecting internet of things (IoT) security in operational technology environments.

1. IoT Security Is a Moving Target

Security is constantly evolving. Today, organizations face more heterogeneous audiences that access more applications from more devices in more places, exposing the organization to new attack surfaces. The responsibility of securing the operational zone’s network, and every path by which it can be impacted, further complicates the mission and creates new requirements for skills and resources. At the same time, attack vectors are multiplying as new IoT security threat variants, vulnerabilities and methodologies emerge.

In addition to external cyberattacks, system errors, misconfigured equipment, malicious insiders, compromised employees, and third-party contractors with access to both IT and OT networks are all growing parts of the equation. Even regular, nonmalicious maintenance workers can pose a threat to productivity and safety.

This rise in overall risk has forced the security and operations communities to come together, seek and deploy appropriate security that can grow with the organization, and address evolving security threats to guard it from a potentially catastrophic incident.

2. The Internet of Everything Amplifies the Risk

Critical infrastructure and industrial organizations have been grappling with security modernization over time. The digital infrastructure that runs processes such as those that generate power, process water, manage industrial procedures and keep equipment running was, until recently, isolated and air-gapped. For decades, security was of little concern, especially compared to the importance of safety and business continuity goals in those sectors.

Digital convergence is a secondary and related trend that has gained momentum in IT and OT infrastructures. Enabling these once-segregated environments to seamlessly share information has yielded additional operational and business benefits, but it is not without risks. With this new paradigm of free-flowing information, attacks can also begin creeping laterally from the IT to the OT environment or vice versa, often unencumbered.

Furthermore, the lack of visibility and security coordination between IT and OT can yield a perfect launching point for a debilitating attack that can take extended periods of time to recognize and mitigate, resulting in further and unnecessary damage.

3. Operational Technology Is Evolving — and So Are Security Tools

Like IT security, OT security is making strides and stands to benefit from technological advances. The IoT, for example, streamlines processes, achieves extreme efficiencies and yields significant cost savings. The information gleaned from the industrial internet of things (IIoT) provides a single-pane-of-glass view of rich information from even the most remote and geographically distributed environments imaginable.

For the very first time, detailed data from a 3,000-mile pipeline, 50-plus deepwater drilling platforms and cement factory furnaces in multiple locations around the world can be simultaneously accessible, and in more detail than ever before. To truly enjoy all the benefits of the IIoT and IT/OT convergence, it is essential to deploy security that can marry the intelligence gleaned from both IT and OT.

Security information and event management (SIEM) technology is specifically designed to sort through large digital haystacks of data to find the security needles of activities, traffic flows and behaviors that look suspicious. A joint solution that leverages OT cybersecurity technology can provide an additional feed into the SIEM tool to deliver full visibility, security and control across these two converging worlds.

OT security with active detection, a robust policy engine and real-time deterministic data can shed light on behaviors unique to OT environments, reduce false positives and provide crucial information on the integrity of devices on the network. This rich set of data is then combined with intelligence feeds from the SIEM solution, where advanced processing and heuristics identify stealthy and sophisticated attacks that evade point security products.

Visit the IBM X-Force Exchange to learn more
