Overcoming security roadblocks in IT/OT convergence

Greater IT/OT interdependence is uncovering new opportunities for malicious attacks – with attacks on Supervisory Control and Data Acquisition (SCADA) systems doubling in recent years, as revealed by Dell1. One such assault is the hack on the Ukraine power grids in 2015 and 2016 by an unconfirmed group of Russian hackers. The latest December 2016 attack saw them sending malware via emails to take over computers at an electricity control centre, cutting power to parts of the city of Kiev2.

It is crucial to hence understand the differences between IT and OT systems in light of this increasing convergence:

Analysts have highlighted the benefits of IT/OT convergence which include:

• Greater productivity with streamlined operations    
• Improved safety with predictive maintenance to avoid dangerous environments
• Increased accuracy and speed in operational decisions
• Cost savings with lesser manpower required
  

Yet undeniably, security has been of much concern and remains a top priority for organizations in their digital transformation journey.

• Legacy OT technology: Unlike IT systems which are constantly being updated with latest security patches, OT devices frequently run legacy software dating back to its initial installation. With long equipment life, this can mean dating back to 10 or 15 years ago. Back then, there were usually no in-built security capabilities, as OT devices were considered ‘secure’, as long as an ‘air-gap’ or a physical separation from IT systems, was maintained.   
• Data in transit: Machine-to-machine (M2M) data gathered from connected devices can be hacked during transmission or be ‘used’ as part of the cyber kill chain to transmit malware from OT to IT systems, or vice versa.
• Scale of destruction and loss: When OT systems such as critical infrastructure like power grid or transportation control systems are hacked, the impact is more disastrous (than an IT system breach) with extensive destruction and potential loss of human lives. 

Watch this video of Mr William Woo, Managing Director, Enterprise Data & Managed Services, Singtel speaking at the NCS TechConnect 2017 event on digital transformation as he summarises the 4 unique challenges in securing IT/OT environments, namely: Complexities, Confusion, Cross-competency and Coordination.

Q:  Do you have security policies and incident response processes in place to secure an IT/OT environment?

A:  It is critical to assess your security readiness by reviewing current security policies against industry-recognised standards to identify IT/OT security gaps. Ensuring effective response during a security incident starts from examining your incident response processes. You also need to build cyber awareness across your organisation through tailored security awareness training that helps to educate staff on social engineering and other risks.

Q:  Is your in-house IT team equipped with insights into security considerations when selecting security technology for IT/OT environment?

A:  Conduct a vulnerability assessment of OT networks to identify key OT .assets and existing security vulnerabilities. Access control can be established via an identity assurance programmes to capture existing job roles and assign access rights. An intrusion prevention service protects via deep protocol inspection, intrusion detection, and more

Q:  Is your in-house IT team trained to handle security issues that may arise from a converged IT/OT environment?

A:  The lack of cross IT/OT competence is a key challenge in managing security in a converged environment. It is crucial that IT and corporate executives are sent for training on IT/OT cross-competency via simulation exercises to build tactical skills.

Q:  Do you have access to real-time intelligence on the latest cyber threat landscape?

A:  With hackers increasingly finding loopholes with sophisticated techniques, it is crucial to keep up with real-time cyber insights. Extend cyber intelligence subscriptions to incorporate OT issues and proactively qualify threats, contextualise risks and prioritise responses.

Singtel Managed Security Services delivers a comprehensive suite of network security solutions and capabilities to help you effectively prevent, identify, prioritise and resolve threats in your converged IT/OT networks.

Speak to a Singtel security advisor today.

Footnotes:

1. http://www.datacenterdynamics.com/content-tracks/security-risk/scada-cyber-attacks-double-over-the-last-year/93738.fullarticle
2. http://www.sandiegouniontribune.com/news/science/sd-me-russians-powergrid-20161230-story.html