How to strengthen OT cybersecurity for critical industries

Despite the growing awareness of cyber threat, some organisations remain unaware of the nuances involved in creating a strong cybersecurity strategy.

The Australian federal budget has allocated $42 million for building security defences around critical infrastructure assets, including those deemed of national significance. This funding would also assist critical infrastructure owners and operators to respond to the increasing number of cyber-attacks.

However, despite the growing awareness of cyber threats and understanding of the importance of maintaining a strong security posture, some organisations remain unaware of the nuances involved in creating a strong cybersecurity strategy. In particular, businesses are failing to grasp the potential risks introduced by the convergence of information technology (IT) and operational technology (OT).

This lack of awareness is one of the biggest threats to OT security. Without understanding the different needs of OT and IT, businesses will fail to efficiently defend their systems and critical assets against cyber criminals. For organisations that operate in critical infrastructure sectors, this can have far-reaching impacts on wider society, including national security concerns.

Traditionally, OT and IT environments have been separated by an ‘air gap’, or lack of a physical connection between them to completely isolate and secure the OT network. With the integration of OT and IT technologies the air gap that once protected OT environments has been erased increasing the security risks for OT significantly. Moreover, since OT systems have a decade-long life, they are infrequently replaced. As a result, many OT systems are missing modern capabilities that could make them more secure as the air gap evaporates.

The question is how to strengthen OT cybersecurity? What security approach accommodates the unique character of OT devices and systems, while supporting maximised uptime and minimised costs?

The first line of defence in preventing cyber criminals from reaching SCADA, ICS, and critical infrastructure assets is to understand the differences between IT and OT, and their specific security-related needs. Whereas IT systems are largely concerned with cyber activity, and primarily require security focused on confidentiality and data protection, OT systems operate more in the physical world and interact with real-world assets, making safety and productivity a priority.

Too often, business leaders may incorrectly assume that implementing cybersecurity strategies for corporate IT tools and networks will be sufficient to also protect OT systems and processes. But IT-focused security solutions aren’t suitable to secure the unique features of OT systems.

Fortunately, chief information security officers (CISOs) can assist boards of critical infrastructure organisations to better understand the critical assets in their OT environment and the risks associated with the convergence of IT and OT to develop an efficient security strategy.

To develop an effective cybersecurity strategy, organisations in critical infrastructure industries must have a comprehensive understanding of what assets they have, who has access to these assets, and who controls the access. Understanding the flow of information and access is a fundamental step in developing an effective cybersecurity strategy and strengthening the organisation’s security posture.

Cybersecurity is a constantly changing and evolving landscape, and it is crucial that organisations in critical industries continuously assess their OT and IT systems against the effectiveness of the organisation’s security approach.

To learn more about how to develop an effective strategy to protect your critical infrastructure assets download Fortinet’s report, Protecting Plant and Manufacturing Operations from the Expanding Attack Surface – Critical Elements of a Sophisticated Security Architecture, here.

Image credit: ©stock.adobe.com/au/dusanpetkovic1