The Convergence of OT and IT Cybersecurity

As digital solutions increase, industrial companies are converging connectivity and advanced data analytics at a record pace to allow for a smarter manufacturing experience. According to the Institute for Digital Transformation, more than 70% of U.S.-based companies are planning to introduce a new digital technology platform or digitize their products.

This technology shift provides an unprecedented opportunity for businesses to streamline operations and enhance their services through the power of data. With an estimated 38.6 billion smart devices gathering, analyzing and sharing data by 2025, strategically harnessing this massive amount of information while protecting against cyber threats is critical.

An integrated, comprehensive approach is needed when merging operational technology (OT) and information technology (IT) initiatives to ensure that successful preemptive measures support near-term compatibility and long-term sustainability.

With October being Cybersecurity Awareness Month, now is the perfect time to help protect against cyberattacks by evaluating where your OT and IT cybersecurity solutions intersect.

Greater Access to Data Brings Greater Risk to Safety and Productivity

The union of IT and OT allows access to data and control that was previously unattainable – but with it comes an increased attack surface for cybersecurity threats.

Cyberattacks in the U.S. are on the rise, with 2021 poised to be another record-breaking year as companies permanently shift to virtual operations in the post-COVID environment. The recent high-profile ransomware attacks on the Colonial Pipeline and JBS Foods, for example, demonstrate that operational technologies are vulnerable to cyber threats.

Cyberattacks can also pose a risk to public and employee safety, especially in industrial environments. Attacks on OT have the potential to cause physical harm, as opposed to compromised information or data. An example of this safety risk was seen earlier this year in an attack on a municipal system in a Florida town. One report estimates that by 2025, OT cyberattacks will directly result in human harm or death.

The first step to helping mitigate risk related to cyber threats is hardening OT to protect IT. Hardware must be on a planned life cycle, properly maintained and replaced as needed. By monitoring ICS-CERT Alerts, staying current with firmware maintenance and developing cybersecurity skills and awareness in teams, industrial manufacturers can be better protected.

Understanding Cyberattacks

Types of Attacks

While there are other reasons for cyberattacks, the motivations remain largely financial. Businesses and individuals are often willing to pay millions of dollars to retrieve their data following cyberattacks that threaten their livelihood or safety. A service disruption could mean the loss of production time, but it may also pose a bodily risk to employees and the public.

These are some of the most prominent types of cyberattacks, with more being developed by bad actors each day.

  • Ransomware: Hackers hold data hostage until a ransom is paid.
  • Data exfiltration/espionage: Individuals obtain access and steal proprietary information or intellectual property.
  • DoS or DDoS: Hackers overwhelm a website or application with digital requests, resulting in a denial of service or distributed denial of service (DoS or DDoS).
  • Crypto mining: Bad actors take advantage of the rise in digital currency to intercept transactions or accounts.
  • Service disruption: Hackers block access to services.
  • Nation State: Politically motivated cyberattacks are used to gain power over adversarial nations.

Attack Vectors

As internet connectivity creates faster, easier access to data, criminals who are intent on stealing data are working overtime to develop cyberattacks and threats to the security of this information. An attack vector is a method used by bad actors to gain unauthorized access to a system. Some common types of cyberattack vectors include:

  • Phishing, spear-phishing and social engineering: Methods used by attackers to gain access to internal networks and resources.
  • Credential harvesting and permission escalation: Methods of increasing the amount and sensitivity of data that attacking users have access to.
  • Insider threat: A type of threat that could be caused by a disgruntled employee or even blackmail.
  • Software update: Cyber vulnerabilities in a software update, as seen in the SolarWinds cyberattack.
  • Backdoor: Many devices have backdoor entries built-in for developers. Many in the industry see this as a security flaw that should be addressed.
  • Supply chain: Sometimes an attacker can gain access by taking advantage of security flaws in a supply chain, such as in IT or OT hardware, maintenance or contractors.

Understanding the Network Attack Surface

Now that OT components are moving from being stand-alone, independently operated pieces of equipment to being connected to IT networks, these connected endpoints have become susceptible entry points for malicious hackers. Reducing cyber risk starts with a firm and comprehensive understanding of all endpoints on the network so that you can properly harden and secure them.

As experts learn and adapt from recent cyberattacks, some best practices have been developed that will aid industrial corporations in hardening systems and securing edge devices. Consider the following tools to help prevent, mitigate and respond to cyber threats.

Standard Operating Procedures (SOPs)

  • Safety plan
  • NERC CIP compliance
  • NIST framework
  • Health check – risk audit
  • Defense-in-depth strategy

Hardware and Software Products

  • Firewall appliances
  • Embedded deep packet inspection switches
  • Real-time threat detection software
  • Secure remote access (non-cloud)
  • IPS/IDS solutions

Building a Collaborative Cybersecurity Team

Historically, OT and IT teams have had different priorities and goals, functioning as two units operating separately. The convergence of technology in every aspect of our lives has created the need for cross-collaboration across two culturally different teams.

Preemptive assessment and integration of industrial controls, operations and IT perspectives are all critical to preventing cyberattacks and should be given equal priority by security teams.

Adapting for a Digital Future

For IT and OT professionals, cybersecurity is increasingly top of mind. An effective OT and IT cybersecurity convergence strategy can be your first step to mitigating the risk of cyber threats.

WESCO | Anixter is your partner in innovation, dedicated to offering ingenious solutions that keep our world running and advancing. We understand that digital transformation will only be as strong as the foundational core technologies it’s built on. With nearly 100 years of supply chain solution expertise, over 70 experts in our global Technology & Support Services (TSS) team and access to breakthrough technology partners through our innovation lab, we can tailor solutions that keep your organization safe, smart and productive.
