May 13, 2019 By Anshul Garg 4 min read

Over the past several years, companies that operate industrial environments have taken advantage of digital transformation to help them become more competitive in their respective sectors. From the internet of things (IoT) to the industrial internet of things (IIoT) to Industry 4.0, the next industrial revolution is upon us as companies leverage the ability to connect devices that were previously not connected to the internet.

IT components like servers, databases and even cloud services are being brought into operational technology (OT) environments and can introduce various benefits to industrial processes, such as helping organizations improve uptimes, performance, quality and productivity, maintain safety, and help reduce maintenance costs and risk. All these can result in increased profits for organizations that adopt these solutions.

However, as with any digital transformation, there are some challenges that can arise. As OT environments, especially with legacy systems in place, become increasingly connected, they may inherit risks that were previously the domain of the IT environment. As a result, they can become vulnerable to cybersecurity threats and threat actors that may not have affected them in the past.

Learn More About Securing Your OT Environment

Some Definitions First — What Is OT Security?

Operational technology is the use of computerized systems to manage, monitor, and control the physical state of other systems. Gartner defines OT security as the practices and technologies used to protect people, assets and information involved in the monitoring and/or control of physical devices, processes and events.

OT security is fundamentally different from IT security in the sense that IT systems are typically designed around confidentiality, integrity and availability (CIA). But since OT environments are more mission-critical, the objectives in that environment typically follow the priority of availability and integrity, followed by confidentiality, according to the NIST 800-82.

When it comes to OT security, we often refer to securing networks that run industrial environments to help maintain safety and reliability of operations.

Ongoing Convergence

The ongoing convergence between the rugged and noisy plant world and the carpeted corporate IT world is forcing both parts of the organization to learn to speak each other’s language, so to speak, and work together to help secure the evolving organization.

However, what can be confusing sometimes, holding teams back, is terminology being used wrongly or interchangeably in that space.

For example, operational technology, industrial control systems (ICS) and supervisory control and data acquisition (SCADA) are often used interchangeably by many in the industry. So, before digging deeper, let us understand what each of these terms means.

Operational Technology (OT)

Operational technology refers to technologies that are used within industrial operations. Equipment like motors and actuators and machines responsible for making things move or producing something are considered operational technology.

Industrial Control Systems (ICS)

ICS is another type of OT that comprises systems that are used to monitor and control industrial processes. For example, checking that a motor is running at the expected speed, ensuring that the pressure within a pipe is indeed correct, checking that the right temperature is maintained, etc. There could be thousands of ICS devices monitoring industrial processes within a given plant or industrial facility.

SCADA and DCS

Industrial control systems are often consolidated into distributed control systems (DCS) and SCADA systems that provide an easier way for engineers to manage various industrial processes.

SCADA systems are often located in the control room where engineers can use them to observe the status of a system or make system adjustments to manage the process under control. For example, in the case where an OT device is malfunctioning and people in the plant could be injured, the sooner operators known about it, the better. That is where SCADA systems can help by alerting plant and system operators about issues to allow timely remediation.

Let’s take, for example, an HVAC system that maintains plant temperature. This system is an example of OT. The individual thermostats used to monitor/control the temperature would be ICS, and the user interface that can help monitor the temperature and perform additional activities in a click would be an example of a SCADA system.

By extension, OT security, ICS security and SCADA security are all too often used interchangeably by organizations even though they are inherently different and subject to distinct vulnerabilities and attack scenarios. That being said, based on IBM X-Force discussions with industry analysts and experts, we believe it is safe to say that OT security is the broader, more recognized umbrella term for securing all these components.

Malware in the Factory

In recent times, attacks on the industrial sector have been increasing, with malware like Triton, Shamoon and various ransomware attacks aiming to disrupt operations for industrial companies across the globe. Some of the affected industries included oil and gas, energy and utilities, healthcare and life sciences, consumer products, and various verticals in the industrial sector, proving that the industrial sector is no longer exempt from threats that can reach its networks and severely impact operations.

X-Force Red is an autonomous team of veteran hackers within IBM Security hired to break into organizations and uncover risky vulnerabilities that criminal attackers may use for personal gain. According to X-Force Red data collected from our vulnerability database the number of vulnerabilities exposing industrial control systems has increased 83 percent over the past eight years (since 2011).

It therefore stands to reason that organizations transforming their OT environments also need to evolve their security posture to enable innovation and continue to see the benefits of a connected plant, grid or oil rig, to name a few.

Wish to learn more? Join us for a webinar in which industry specialists discuss the challenges and best practices for securing the OT environment.

 

More from Risk Management

How TikTok is reframing cybersecurity efforts

4 min read - You might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity through its channels and programs. To highlight its efforts, TikTok celebrated Cybersecurity Month by promoting its cybersecurity focus and sharing cybersecurity TikTok creators.Global Bug Bounty program with HackerOneDuring Cybersecurity Month, the social media…

Roundup: The top ransomware stories of 2024

2 min read - The year 2024 saw a marked increase in the competence, aggression and unpredictability of ransomware attackers. Nearly all the key numbers are up — more ransomware gangs, bigger targets and higher payouts. Malicious ransomware groups also focus on critical infrastructure and supply chains, raising the stakes for victims and increasing the motivation to cooperate.Here are the biggest ransomware stories of 2024.Ransomware payments reach record highRansomware payments surged to record highs in 2024. In the first half of the year, victims…

83% of organizations reported insider attacks in 2024

4 min read - According to Cybersecurity Insiders' recent 2024 Insider Threat Report, 83% of organizations reported at least one insider attack in the last year. Even more surprising than this statistic is that organizations that experienced 11-20 insider attacks saw an increase of five times the amount of attacks they did in 2023 — moving from just 4% to 21% in the last 12 months.With insider threats on the rise, it’s critical for businesses to recognize the real dangers that originate from inside…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today