Understanding the unique challenges of OT cybersecurity
Visit BSI's Experts Corner: Home for insights from BSI’s practice directors and industry experts on digital trust, environmental, health, safety, security, and sustainability.
August 17, 2023 - Operational technology (OT) is a prime target for cyber criminals due to the chances of obtaining commercially valuable data and causing physical disruption to systems in industries such as transportation or manufacturing.
These critical systems face unique, distinct challenges such as system outages or explosions that set them apart from traditional information technology (IT) environments. OT cyberattacks are costly, and of the 64 OT cyberattacks publicly reported in the US in 2021, approximately 35% had physical consequences, with the estimated damages totaling $140 million per incident. The UK Cyber Security in Manufacturing report highlights that maintaining legacy IT systems is a prime security concern for 44% of manufacturers. Ensuring robust protections has never been as important to support the unique challenges surrounding OT environments.
Legacy systems
The prevalence of legacy systems and outdated technologies is a primary challenge in OT environment security. Many OT systems were designed and implemented years or even decades ago, built with proprietary protocols and hardware that usually lack modern security features to account for the rise in cybersecurity threats.
It is often not feasible to update or replace these systems due to the risk of disrupting critical operations. Protecting legacy systems requires innovative strategies such as network segmentation, virtual patching, and other compensating controls to mitigate security risks.
Convergence of IT and OT networks
IT and OT traditionally operated as separate entities with different priorities and objectives. However, since new requirements for data processing and sharing are now at play, IT and OT have merged. Often referred to as Industry 4.0, the merged technologies provide real-time insights, enhanced monitoring, and increased efficiency to allow goods and equipment to be seamlessly tracked until they arrive at their destination.
IT technologies, such as cloud computing, wireless connectivity, and remote access, introduce potential vulnerabilities that could be exploited by attackers to gain unauthorized access to OT systems. Effective security measures must be in place to ensure the segmentation and protection of critical OT assets from threats originating from connected IT networks.
Real-world consequences
Unlike typical IT systems, compromise in an OT environment can have immediate real-world consequences. OT systems are designed to control and manage critical operations such as water treatment, transport networks, power generation and distribution, and manufacturing facilities. A cyberattack targeting these systems can lead to severe operational disruptions, safety hazards, financial losses, and in extreme cases, loss of life.
No room for respite
OT environments are often operated in continuous or near-continuous modes, allowing little or no room for downtime. Unlike IT systems, which can be taken offline for regular updates and maintenance, OT systems require a lot of careful planning to create windows for downtime in which the systems can be patched. In addition, due to the uptime requirements, patches must be extensively tested to ensure that there is no operational impact.
Managing human factors
People who operate and maintain OT systems play a key role in maintaining their security; however, user error, lack of awareness, or malicious intent can increase the likelihood of systems security becoming compromised. It is vital that organizations foster a robust cybersecurity culture and embed consistent training and awareness programs along with the technical security controls such as access control and monitoring mechanisms.
Understanding the challenges of OT cybersecurity is crucial for protecting critical infrastructure and ensuring the reliability of essential services. Collaboration between IT and OT professionals, ongoing risk assessments, and a proactive security mindset are vital in an adapting OT security landscape.
Learn more about how technology is changing the cybersecurity landscape in Avoiding digital chaos: Part 2: The threats and opportunities of new technology. Read 2023 Supply Chain Insights: Part 2: Cybersecurity in the spotlight. For more insights on other digital trust, privacy, information security, and environmental, health, and safety topics that should be at the top of your organization's list, visit BSI's Experts Corner.