The Cyber Security Spar in Integrating IT and OT Systems

Vimal Goel, CIO, HPCL-Mittal Energy | Friday, 22 December 2023, 14:48 IST


Vimal is a seasoned IT leader with over 33 years’ experience, adept in overseeing large, intricate and transformational IT projects. Proficient in fusing technology with business for holistic solutions, he specializes in cost-effective operational frameworks and crafting strategic IT initiatives.

Since the dawn of cyber threats, security has been a prominent topic in Information Technology (IT), emphasizing confidentiality, integrity, and availability—shielding company secrets, and ensuring that data remained pristine and accessible only to the right eyes. In recent times, however, security in Operational Technology (OT) has gained the limelight. Previously isolated OT systems have transitioned to work on the same IP networks as IT systems, uncovering critical vulnerabilities. People have started realizing that OT assets can be accessed and manipulated, with disastrous impacts on lives, assets and business operations.

Why should we be more conscious about Operational Technology (OT) security now? The crux lies in the contrasting aftermath of breaches between IT and OT. In IT, breaches might result in compromised data or leaks—troublesome but often manageable. Conversely, in the realm of OT, the repercussions are far-reaching. Imagine an unauthorized intrusion disrupting critical infrastructure—a water pipeline or a utility service within a city. The effects extend beyond inconvenience to potential public safety hazards and substantial economic repercussions. These aren't hypothetical scenarios; we have witnessed the real-world ramifications in instances where unauthorized access to OT systems led to disruptions in essential services, causing significant societal upheaval and financial losses.

The distinction here is not just about data; it's about the tangible, real-world impact on infrastructure and lives. Protecting OT systems is not merely about safeguarding assets; it's about ensuring the resilience of the systems that underpin our daily lives—power grids, transportation, water supply—everything that maintains societal functionality. Hence, the spotlight now shines brightly on fortifying OT security.

Challenges in Securing OT Systems and Comprehensive Solutions to Overcome

Cybersecurity has been maturing alongside the IT market, and the threats here are often well understood, allowing us to identify vulnerabilities and develop optimal solutions quickly. The familiarity with operating systems like Windows, Linux and others has empowered IT experts to create robust cybersecurity platforms, thanks to available knowledge and ongoing evaluation.

Operational Technology (OT), on the other hand, has traversed a different journey. Historically, OT systems, often comprising isolated distribution systems, sensors, analysers and PLCs, operated independently of IT. They only interfaced with small internal systems for data analysis or unit control. The complexity in OT arises from the proprietary nature of the systems, typically sourced from a handful of companies in the instrumentation business. This hindered widespread understanding or development of cybersecurity solutions by entities outside these specialized manufacturers. Even as discussions around standardization emerged, accreditation remained a distant reality, leaving these technologies predominantly proprietary and challenging for external cybersecurity development.

Moreover, cybersecurity was never the primary focus when implementing OT systems. It was only when OT systems converged with IT networks or even directly connected to the internet through IoT solutions that cyber security vulnerabilities became evident.

One of the primary challenges with OT systems is their continued reliance on proprietary technology, limiting solutions primarily to specific manufacturers. Additionally, the absence of standardization complicates the cybersecurity landscape, hindering the development of comprehensive solutions. Compounding the issue, information regarding vulnerabilities across OT systems remains largely undisclosed, impeding the creation of robust preventive measures against potential cyber breaches.

Moving forward, bridging the gap between securing IT and OT systems demands a shift toward standardization, increased transparency about vulnerabilities, and collaborative efforts to develop comprehensive cybersecurity solutions. It requires industry-wide recognition of cybersecurity as a critical aspect of OT deployment, ensuring that security measures evolve hand-in-hand with technological integration. The path forward necessitates a unified approach, embracing standardization, knowledge sharing, and a proactive stance to fortify the cyber defenses of OT systems, safeguarding critical infrastructure and mitigating potential risks to assets and lives.

Strategies and technologies vital for bridging the gap in IT and OT cybersecurity

Network Segmentation: Maintain distinct networks for IT and OT systems, employing VLANs and robust logical separation. Integrate them at a single point, ensuring separate firewalls for both.

Robust Security Measures: Implement firewalls and security measures for both IT and OT systems individually, avoiding assumptions about security post-integration. Watch traffic and review firewall rules regularly.

Regular Patching and Upgrades: While patching OT systems may pose challenges, prioritize regular updates where available. Consider replacing outdated devices to enhance functionality and cybersecurity capabilities.

Continuous Assessment: Conduct periodic Vulnerability Assessment and Penetration Testing (VAPT) for OT systems akin to IT security protocols. Address identified vulnerabilities promptly or fortify assets with additional protection.

Stay Vigilant with Industry Advisories: Remain attentive to advisories from industry forums and agencies like NCIP, adhering to their recommendations for securing OT assets against known vulnerabilities.

By implementing these strategies and staying attuned to emerging threats, organizations can significantly enhance the cybersecurity resilience of their OT systems, closing the gap between IT and OT security.
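
The segmentation and rule-review strategies above can be checked mechanically. The following is an added example, not from the article: it audits a constructed firewall rule export against a constructed address plan (zone names, subnets and rules are all assumptions) and flags allow rules that let traffic into or out of OT without passing the single integration point.

```python
import ipaddress

# Constructed address plan; the article names no addresses.
ZONES = {
    "IT": ipaddress.ip_network("10.10.0.0/16"),
    "OT": ipaddress.ip_network("10.50.0.0/16"),
    "GW": ipaddress.ip_network("10.99.0.0/28"),  # single IT/OT integration point
}

# Constructed rule export: (id, action, source, destination, port)
RULES = [
    ("r1", "allow", "10.10.0.0/16", "10.99.0.0/28", "443"),
    ("r2", "allow", "10.99.0.0/28", "10.50.1.0/24", "502"),
    ("r3", "allow", "10.10.20.5/32", "10.50.1.10/32", "502"),  # IT host straight to a PLC
    ("r4", "allow", "0.0.0.0/0", "10.50.0.0/16", "any"),
    ("r5", "deny", "10.10.0.0/16", "10.50.0.0/16", "any"),
    ("r6", "allow", "10.50.2.0/24", "0.0.0.0/0", "443"),  # OT straight out
]

def zones_of(cidr):
    """Zones a CIDR touches; 'EXT' if it reaches outside the known plan."""
    net = ipaddress.ip_network(cidr)
    hit = {name for name, zone in ZONES.items() if net.overlaps(zone)}
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        hit.add("EXT")
    return hit

def review(rules):
    """Return {rule_id: [findings]} for allow rules that weaken segmentation.
    Each rule is judged on its own; first-match ordering is not modelled."""
    report = {}
    for rid, action, src, dst, port in rules:
        if action != "allow":
            continue
        s, d = zones_of(src), zones_of(dst)
        found = []
        if "OT" in d and s - {"OT", "GW"}:
            found.append("inbound to OT bypasses integration point")
        if "OT" in s and d - {"OT", "GW"}:
            found.append("outbound from OT bypasses integration point")
        if port == "any" and "OT" in (s | d):
            found.append("any port on a rule touching OT")
        if found:
            report[rid] = found
    return report

if __name__ == "__main__":
    for rid, findings in review(RULES).items():
        print(rid, "->", "; ".join(findings))
```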

Fortifying IT and OT Cybersecurity for Tomorrow

The future of IT and OT cybersecurity lies in AI integration. Presently, complex security setups require centralized Security Operation Centers (SOCs) with advanced SIM tools for event correlation. AI's potential is vast—it deciphers data patterns from diverse sources, predicting disruptions or potential threats swiftly. This proactive approach is crucial; time is critical in preventing system havoc or data encryption. AI's prowess in data analysis aids in pre-emptive actions against cyber threats, highlighting vulnerabilities, and fortifying IP infrastructure. Organizations leveraging AI's deep analysis capabilities stand poised to foresee cyber trends, adapt swiftly, and stay ahead in safeguarding their interconnected systems.
