As the use of operational technology (OT) and Internet of Things (IoT) grows, so too does the threat landscape. Without realising it, many businesses may have thousands of unknown access points ready to be exploited by cybercriminals. Jayson Pieterse, Sales Manager at TXOne, explores the different risks organisations face.
===
With the growth in digital transformation of businesses, there has been an increase in tools and tech solutions that allow for greater connectivity.
From cloud and artificial intelligence to operational technology (OT) and Internet of Things (IoT), businesses are more connected than ever before.
And while these tech advancements have created more efficiencies, increased productivity and furnished businesses with more in-depth insights, they have also expanded the threat landscape.
As industrial operations have gotten smarter, the use of OT and IoT has proliferated. TXOne’s latest research found that 68% of organisations were continuously increasing their OT budgets.
This is the result of digital transformation investments demonstrating their worth to business owners and decision makers.
Board members and C-level executives are more informed about the benefits these technologies can bring to an organisation, with many becoming increasingly involved in decisions around OT. However, with each new device comes a new entry point that needs to be secured.
Knowing this, insurance and auditing companies are driving organisations to be more compliant when it comes to OT security.
It’s becoming common practice for insurance companies to audit organisations and, based on their compliance, determine their premiums or whether they can be considered for cover. Cyberattacks like ransomware and distributed denial of service (DDoS) are costly not only for the targeted organisation, but also for the companies that insure them.
The expansion of the threat surface through smart industrial operations has left organisations exposed. And while cybercriminals present a significant risk, there are vulnerabilities within organisations that impact OT security.
Legacy hinders OT security
Businesses in industrial markets such as mining, oil and gas, manufacturing or utilities are often operating with legacy infrastructure.
These systems were built with longevity in mind, and this comes at great expense – often hundreds of millions if not billions of rands. Because factories and plants are built for long-term use – some 40 or 50 years – it’s not so easy to simply refresh operations.
There’s also the issue that a plant or factory’s infrastructure was built at a time when organisations didn’t have the technology that’s available today and so cybersecurity was not a factor.
However, as advancements are made in industry and new technology is adopted, solutions have been retrofitted to legacy infrastructure.
When it comes to considering the security of these new tech devices and systems, it’s then difficult to deploy patches and updates in a way that does not interrupt operations.
Bringing a factory offline for any amount of time can cost money, which is often why businesses hesitate when it comes to addressing their OT security.
However, a delay to business operations does not have to take place when the right OT security partner is brought on board. With industry experience, technicians are able to manage cyber defences across legacy infrastructure and can prevent interruptions and downtime.
Perception versus reality
Reluctance to disrupt a day’s work to update OT security is not the only risk businesses face. Many industrial organisations don’t have complete visibility of their OT and IoT assets and the possible vulnerabilities.
At TXOne, customers have approached us to provide a risk assessment with the understanding that there are 5,000 operational assets within the organisation. However, after a risk assessment, we’ve sometimes found five times this amount. This lack of visibility makes an organisation and its operations vulnerable to attack. You can’t protect something you can’t see.
Because there isn’t a clear view of these operational assets, minor problems with IoT devices or systems are often attributed to a network problem. However, on closer inspection, these issues turn out to be cyber-related incidents that have been causing trouble for an extended period of time.
To address these risks, organisations need to have a complete view of what’s in their operational environment.
This is done through a risk assessment, which will quantify assets and vulnerabilities. Having this initial visibility can seem overwhelming at first, but it will provide businesses with a starting point.
From there, it’s possible to build out a phased approach that will include getting the basics of OT security right and then seeing where else risk can be reduced.
In a rapidly evolving threat landscape, working with the right security partner can ensure organisations can safeguard their critical infrastructure.
It’s this experience and expertise that will ensure compliance and overcome legacy infrastructure challenges and visibility gaps, using zero trust principles for visibility, control and protection.