New threats impacting ICS/SCADA Systems


During the recent Secure Operational Technology Summit 2021: Elevate Your Security APAC Digital Edition, held April 22-23, 2021, Fortinet discussed the risks posed by threats targeting internet-connected operational technology and the OT infrastructure attacks that come with these threats.

In an article written and shared by Rick Peters, CISO for Operational Technology, North America at Fortinet, for Automation.com, he mentioned three important things about the new threats impacting ICS/SCADA systems.

Citizens around the world naturally depend on the OT vertical sector services – including manufacturing, energy, utilities, and transportation infrastructures – provisioned daily. It is therefore critical to safeguard the integrated ICS/SCADA systems within an OT enterprise. As digital transformation sweeps across these sectors to boost efficiency, new cybersecurity concerns have surfaced as once air-gapped systems become exposed to new cyber risks and a much broader attack surface. Furthermore, considering the age, sensitivity, and complexities of many OT environments, it is increasingly difficult for organizations to protect their high-value cyber-physical assets. It is all these factors that triggered Fortinet and Forrester to survey industry leaders who manage and maintain OT infrastructure with the goal of highlighting emerging security trends and practices impacting operations.

This survey uncovered three important findings.

1. Breaches are Common in the OT Sector

Among survey participants, only 10% reported that they had never experienced a data breach. Conversely, 58% of organizations reported having experienced this type of threat in the past 12 months; thus, more than 75% expect regulatory pressure to increase over the next two years. By simply expanding the period of consideration to 24 months, we discover OT system breach rates rising to 80%, demonstrating just how much interest cyber criminals have in targeting OT systems.

Considering the high number of OT breaches, it makes sense that 78% of organizations surveyed plan to increase their ICS/SCADA security budgets this year to combat these threats more effectively.

2. IT and OT Networks Continue to Converge

OT systems historically depended on software and hardware not connected to the internet, meaning there was a natural reliance on the safety of an “air gap” between external and internal systems. With the shift toward IT-OT convergence and the pursuit of operational efficiency, connectivity and exposure to more traditional IT threats have increased. With this proportional expansion of the attack surface, cyber criminals can readily gain access to systems that were once isolated.

When surveyed, almost all respondents (96%) expect to face challenges as they move toward convergence, resulting in greater attention devoted to security concerns. When it comes to OT security, more than one-third of survey respondents noted that they are worried about the following issues:

The potential for connected smart devices to cause breaches

Third parties lack the security expertise required to help with converged technology and the Internet of Things (IoT)

Lack of expertise by internal security teams to secure this converged technology and IoT

Staying on top of the latest security tactics and protocols

An inability to isolate or contain resources when a breach occurs

The chance of sensitive or confidential data being compromised

Greater regulatory pressures surrounding ICS/SCADA systems

Regulation compliance, in particular, is a common concern. In fact, seven in ten survey respondents report that they have experienced mounting compliance pressures over the past year, and 78% expect this trend to continue for the next two years. For surveyed organizations, the regulations making the most significant impact are International Society (ISA) Standards, the EU Data Protection Directive (GDPR), and the Federal Information Security Management Act (FISMA).

3. Business Partners Often Add More Risk

For as much as they afford benefits, business partners can also create an additional dimension of risk for OT enterprises. Although granting essential privileged access to key designated personnel is critical, minimizing control access is equally important. This is reinforced by the fact that organizations most successful at securing their environments were also 129% more likely to severely limit or even deny access to partners.

The most successful organizations were found to grant only moderate access to their systems. These same organizations were 45% more likely to carry out critical security functions in-house as opposed to outsourcing this responsibility. They were more likely to have outsourced tasks related to network analysis and visibility.

While partner relationships are important and sometimes even essential, corporate enterprise leaders must insist on a prudent approach to granting access, outsourcing decisions, and identifying situationally ready partners. As digital transformation continues to influence this business sector, executing well-defined and strict adoption of best cybersecurity practices will be vital to securing OT systems.




What Does It Take to Achieve OT Security?

Considering the impact that a cyberattack can have on OT networks, from lost productivity to diminished safety, security teams need all the help they can get – and a shift toward a proactive cybersecurity strategy for converged networks enables deployment of optimal solutions. In addition to addressing the specific security needs of these enterprises, the preferred solution should deliver a wealth of features and an agile form factor to account for restrictive space and harsh environmental conditions. Integrating OT solutions at the core while achieving cost savings and reliable connectivity is tenable by employing a robust next-generation firewall (NGFW) solution capable of accommodating unique environmental challenges while affording purpose-built, designed-in features such as compact SD-WAN functionality specifically designed for OT environments. Being foundationally armed with a robust NGFW delivers enterprise architecture protection for the entire converged IT-OT network while eliminating potential OT security gaps that cyber criminals are seeking to exploit.

The Convergence of IT and OT

The convergence of IT and OT has clearly revealed significant security risks and complexities that enterprise leaders must actively work to address to avoid the consequences of a cybersecurity event. The stakes in protecting high-value cyber-physical assets and intellectual property are high as the rate of OT breaches continues to grow and costly OT business disruptions impact revenue, brand reputation, and safe operations. Confusion over the appropriate level of access for partners only complicates matters further. To effectively address these challenges, IT and OT leaders must stay abreast of the latest trends and threat intelligence to gain situational awareness and confidence from the point of convergence to the plant floor. They must also deploy the right solutions – such as a compact, rugged SD-WAN solution – that will protect their critical assets from any potential threats.
