
IT vs OT security: The Operational Technology Guide For Professionals

01 Sep 2020
   

IT Security - From Show Off to Pay Off

Since the introduction of the first virus in the 1970s and more so with the rise of the internet in the 1980s, the need to secure
information and keep it private has become increasingly important.

Over the years, the IT world has been witnessing a shift in cyber threats. It used to be that programmers launched
bothersome viruses and malware to gain reputation in their communities. Today, with the increased reliance of civilization
on computers, and the advancements of technology, attackers have become much more sophisticated.

Up until recent years, cyber-attacks remained almost solely within the IT realm – affecting what we would call “standard”
computers.

In 2010, the Industrial Cyber Threat Landscape Took a Turn


STUXNET - Though it was not the first cyber-attack to target an industrial environment, STUXNET was the first ICS-dedicated
attack to receive such global attention. STUXNET is a malicious computer worm believed to be responsible for causing
substantial damage to Iran’s nuclear program, ruining almost 20% of its nuclear centrifuges.

Since then, there has been a constant increase in cyber-attacks targeting industrial organizations, affecting different
industries such as power grids (Industroyer), energy (Black Energy), petrochemical (Havex), and oil & gas (TRISIS). Hackers are
infiltrating industrial networks in order to shut down machines, demand ransom, steal data, and more. The hardware and
software that monitor and control the physical components of an industrial network are often referred to as Operational
Technology (OT).

The New Age of Operational Technology

Traditionally, OT was an ‘air-gapped’ environment, meaning that it was not connected to external networks or digital
technologies. In recent years, what was known as “traditional OT” has started to change, since the rise of the fourth industrial
revolution, also known as "Industry 4.0". Companies taking part in this change have begun implementing new digital
solutions in their networks looking to stay ahead of their competition. These solutions aim to increase automation, add
“smart” devices, make data more efficient and available, and interconnect networks for convenience.

As part of the interconnection, and in order to make OT components more accessible while being able to collect and analyze
data about them, IT and OT networks are also becoming interconnected. This movement is referred to as IT-OT Convergence.
While connecting operational with information technology opens a great door to new opportunities, it also introduces a vast
landscape of cybersecurity threats to what was once an air-gapped network.

OT Security Has Undergone Fundamental Changes


OT has been relying on computers for several decades to monitor or change the physical state of a system, such as the use of
SCADA systems to control train traffic on a rail system. In traditional industries, OT security is composed mostly of
straightforward physical tasks, including making sure that a machine repeats the same task correctly, an assembly line
continues, etc. Since the inception of IT-OT convergence, there has been a shift in how OT is seen in factories, and in its
security.

The Blurry Lines Between Operations and Information


Today, OT security mainly stands for the protection of traditional operations and assets from cyber incidents due to the
increased connectivity between cyber and physical realms. It involves the detection and mitigation of weak spots and
changes in systems that control physical devices such as valves and pumps as well as vulnerabilities stemming from their
integration with enterprise software.

Though operational and information technologies are becoming more connected, there are several important differences
that both IT and OT staff need to be aware of.

IT vs OT - Four Core Differences

1. Enterprise vs Industry
The most fundamental difference between the technologies is perhaps the most important one. The two technologies
operate in different environments and serve different purposes. Briefly, IT is the world we all know: computers, keyboards,
screens, and mice. IT environments involve common solutions (the cloud, servers, firewalls, antivirus, etc.) and
communicate over known protocols (HTTP, SSH, RDP).

Conversely, OT includes completely different components that can be found primarily in industrial environments. These
components are often screenless (machinery, PLCs). They communicate over industrial protocols that are never seen on IT
networks (e.g., Modbus, EtherNet/IP, Profinet), they lack security tools (firewalls, antivirus), and they are even programmed
differently than “normal” computers.

2. IT Prioritizes Confidentiality, OT Focuses on Safety


Because IT primarily involves storage, retrieval, manipulation, and transmission of digital information, data and
confidentiality are a top concern. IT security is crucial in every organization in order to keep its data secure and under control.

In OT, the safety and availability of equipment and processes dominate. Dealing with physical systems that must maintain
stable values, such as temperature and RPM, requires meticulous control. Lack of control can lead to extensive financial
losses due to temporary halts in production or even result in direct physical harm. For example, a ransomware attack that
blocks access to operations can lead to a few days of inactivity where each day may be worth millions of dollars.

3. IT Incidents are More Frequent, OT Incidents are More Destructive


While OT incidents may lead to more destructive outcomes, IT has more ways in which it can be manipulated. Simply put, IT
has more touchpoints with the internet. These gateways pose higher security risks because each one can potentially be a
hack waiting to happen.

OT has a lower number of gateways, making it comparatively safer. However, the potential magnitude of compromised
physical equipment tends to be greater than that of a data breach. Even slight OT cyber-incidents can lead to huge financial
losses and have damaging ramifications that can affect the general population, such as water contamination and power
outages.

4. Security Patching - Every Week vs Every Ten Years


IT components advance so fast, and have such relatively short life spans, that a network can look completely different only
several years apart. In fact, IT security updates are so frequent that many IT vendors have a designated "update day of the
week" or "Patch Tuesday".

Security patching does not work the same way in OT. Since patching OT components requires complete shutdowns that
halt production, vendors running OT networks rarely patch their components, if at all. Since OT components are rarely
updated, they may have many more public vulnerabilities when compared to IT computers. This means that the probability
of a successful exploit on an OT system is exponentially higher than on an IT system.

What Does the Future Hold for Industrial IT Professionals?


IT/OT Alignment
It is clear that IT and OT work differently, are used differently, and have different objectives and risks. However, as digital
systems continue to connect to industrial systems, the industry will enjoy improved production growth while, at the same
time, exposing itself to more cyber threats.

Industry experts predict that IT and OT will only continue to converge. This means that OT administrators should do their best to
understand the IT environment, and vice versa - the sooner the better. Gartner recommends that organizations align their
standards, policies, tools, processes, and staff between IT and the business to the changing OT systems. The approach to
dealing with the organizational changes in response to IT/OT convergence is called IT/OT alignment.

IT/OT alignment begins with understanding what each environment does and how they differ from each other. A
comprehensive cybersecurity strategy that considers the entire security lifecycle, beginning from the production floor and
up to the enterprise, is key when looking to advance through the industrial revolution as the new industry champions.
