Overcoming security roadblocks in IT/OT convergence

The growing interest in the Internet of Things (IoT) is driving the convergence of previously siloed Information Technology (IT) and Operational Technology (OT) systems, with more OT devices connected to the Internet to deliver smart analytics.


Industrial Internet: When IT and OT Worlds Collide

Greater IT/OT interdependence is uncovering new opportunities for malicious attacks, with attacks on Supervisory Control and Data Acquisition (SCADA) systems doubling in recent years, as revealed by Dell [1]. One such assault is the hack on the Ukraine power grids in 2015 and 2016 by an unconfirmed group of Russian hackers. The latest attack, in December 2016, saw them sending malware via emails to take over computers at an electricity control centre, cutting power to parts of the city of Kiev [2].

It is hence crucial to understand the differences between IT and OT systems in light of this increasing convergence:

Factors: OT Systems vs IT Systems

Nature of system
  OT Systems
  • Traditionally closed systems not connected to the Internet.
  • OT teams more concerned with the proper functioning of equipment than with security.
  IT Systems
  • Open systems connected to the Internet.
  • IT teams inherently cautious against cyber-attacks, due to Internet connection.

Equipment life and maintenance
  OT Systems
  • Long equipment life; hence underlying operating systems and components may have reached end of support.
  • Infrequent updates or security patches.
  IT Systems
  • Short device lifecycle.
  • Frequent security patches, updates and upgrades.

Security
  OT Systems
  • Loss of visibility and control, which affects device availability.
  • Safety ratings are critical; applying security patches may invalidate safety certification.
  • Lack adequate access control.
  IT Systems
  • Confidentiality and integrity are critical.
  • No issues with balancing safety ratings or certifications with application of security patches.
  • Typically have strong access control management systems.

Monitoring and Logging
  OT Systems
  • Usually do not have adequate security monitoring and logging.
  IT Systems
  • Typically have firewall logs on security devices such as intrusion detection systems, anti-viruses and endpoint protection.

    Analysts have highlighted the benefits of IT/OT convergence which include:

    • Greater productivity with streamlined operations    
    • Improved safety with predictive maintenance to avoid dangerous environments
    • Increased accuracy and speed in operational decisions
    • Cost savings with less manpower required

    Yet undeniably, security has been of much concern and remains a top priority for organizations in their digital transformation journey.

    Some Security Implications of Converged IT/OT Networks

    • Legacy OT technology: Unlike IT systems, which are constantly being updated with the latest security patches, OT devices frequently run legacy software dating back to their initial installation. With long equipment life, this can mean software dating back 10 or 15 years. Back then, there were usually no in-built security capabilities, as OT devices were considered ‘secure’ as long as an ‘air-gap’, or a physical separation from IT systems, was maintained.
    • Data in transit: Machine-to-machine (M2M) data gathered from connected devices can be hacked during transmission or be ‘used’ as part of the cyber kill chain to transmit malware from OT to IT systems, or vice versa.
    • Scale of destruction and loss: When OT systems such as critical infrastructure like power grids or transportation control systems are hacked, the impact is more disastrous than an IT system breach, with extensive destruction and potential loss of human lives.

    Watch this video of Mr William Woo, Managing Director, Enterprise Data & Managed Services, Singtel speaking at the NCS TechConnect 2017 event on digital transformation as he summarises the 4 unique challenges in securing IT/OT environments, namely: Complexities, Confusion, Cross-competency and Coordination.

    Security Recommendations: Embarking on Convergence

    Q:  Do you have security policies and incident response processes in place to secure an IT/OT environment?

    A:  It is critical to assess your security readiness by reviewing current security policies against industry-recognised standards to identify IT/OT security gaps. Ensuring effective response during a security incident starts from examining your incident response processes. You also need to build cyber awareness across your organisation through tailored security awareness training that helps to educate staff on social engineering and other risks.

    Q:  Is your in-house IT team equipped with insights into security considerations when selecting security technology for IT/OT environment?

    A:  Conduct a vulnerability assessment of OT networks to identify key OT assets and existing security vulnerabilities. Access control can be established via an identity assurance programme to capture existing job roles and assign access rights. An intrusion prevention service protects via deep protocol inspection, intrusion detection, and more.

    Q:  Is your in-house IT team trained to handle security issues that may arise from a converged IT/OT environment?

    A:  The lack of cross IT/OT competence is a key challenge in managing security in a converged environment. It is crucial that IT and corporate executives are sent for training on IT/OT cross-competency via simulation exercises to build tactical skills.

    Q:  Do you have access to real-time intelligence on the latest cyber threat landscape?

    A:  With hackers increasingly finding loopholes with sophisticated techniques, it is crucial to keep up with real-time cyber insights. Extend cyber intelligence subscriptions to incorporate OT issues and proactively qualify threats, contextualise risks and prioritise responses.

     

    Singtel Managed Security Services delivers a comprehensive suite of network security solutions and capabilities to help you effectively prevent, identify, prioritise and resolve threats in your converged IT/OT networks.


     

    Footnotes:

    1. http://www.datacenterdynamics.com/content-tracks/security-risk/scada-cyber-attacks-double-over-the-last-year/93738.fullarticle
    2. http://www.sandiegouniontribune.com/news/science/sd-me-russians-powergrid-20161230-story.html
