There was a time when OT (operational technology) and IT (information technology) departments operated in silos. Both groups would go about their individual business operations, without any crossover. Today, the growth of IIoT and network-connected OT systems has forced OT and IT to operate collaboratively in order to keep the business operating efficiently, creating a culture clash between the two groups, along with security vulnerabilities.
IT has often been seen as secondary to the business, working separately from those involved in producing the company’s end product. And, when it comes to cybersecurity, IT and OT don’t often agree. When considering the CIA triad of cybersecurity (confidentiality, integrity and availability), IT typically believes that confidentiality is the most important element, doing whatever is needed to keep systems secure. OT’s priority, by contrast, is 24×7 availability, and it views IT’s reboots, patch updates and other forced downtime as hurting productivity.
This has created an internal tug of war about which priorities should be set, while opening the door to major data vulnerabilities. The overarching challenge is that many standalone OT systems in the manufacturing industry were never meant to be publicly accessed. Plus, factor in that some OT systems could be more than a decade old, operate on proprietary operating systems, communicate using a myriad of different protocols, and have no common way to apply standard patching, scanning or other cybersecurity practices. Not only does this departmental convergence introduce new security vulnerabilities, it also presents new challenges for implementing security into the OT network architecture.
Here are three tips to help OT and IT work together while keeping your business safe from the vulnerabilities interconnected systems can introduce:
- Identify what systems are at risk. Do you know which devices are talking to the internet? And where entry points exist? With so many OT and IT devices coming and going from your network, you need visibility into every type of device on your network. Turn to a third-party monitoring solution to help discover and classify your assets and gain much-needed visibility to secure IIoT.
- Hide and protect your OT network. Once you determine where potential points of entry exist, a next step is to isolate and contain your OT networks from malicious attackers while still enabling employee access. With the right solution, you can provide universal connectivity to your network infrastructure without worldwide addressability — addressing pain points for both OT and IT. With Blue Ridge Networks’ LinkGuard platform, you can create a self-contained cybersecurity ecosystem that protects your most critical infrastructure, while enabling secure connectivity across the enterprise — without costly or time-consuming IT overhead.
- Take a solution for a test drive. Don’t feel like you need to immediately purchase and deploy new technology to protect your IIoT devices. Talk to multiple vendors, evaluate your options, and consider taking part in a pilot program with a subset of your business, potentially with more than one vendor with complementary technology. This can be a no- or low-cost option to test the waters and see what solution best addresses your cybersecurity goals.
Minimizing the very real threats to your valuable OT systems, as well as preventing the downtime of those systems, has to be a top priority. When done correctly, your IT department can confidently check the cybersecurity boxes and keep threats at bay, while OT delivers the performance and results to power the business forward. Everybody wins.