IT/OT Convergence Means Greater Resources for Bothgsiegel.com/documents/ITOTBlog.pdf · hear one...
Transcript of IT/OT Convergence Means Greater Resources for Bothgsiegel.com/documents/ITOTBlog.pdf · hear one...
Resources / Blogs / Industrial Security Search Our Industrial Security Blog
Many of us are familiar with the infamous video of thehacking at the Ukrainian power station in December, 2015that caused a blackout impacting a quarter million peoplein the area. As the hackers remotely took control of theirworkstations, the plant systems operators could do littlemore than record for posterity the activity that they sawon their PC screens with their mobile phones. So now, anyof us can go over to YouTube and watch in horror alongwith the operators as their cursor moves around theirscreen, maliciously clicking commands and trippingbreakers in various substations. Of significant interest, asthey helplessly watch the screen activity that wasadvancing their power station inevitably toward doom, wehear one operator say to the other “We should call the ITguys,” to which his colleague quickly replies “What if it’sthe IT guys doing this?”
I’d like to give kudos to both gentlemen—the first, forthinking of the resources and expertise of his ITcolleagues in the heat of the moment, and the second, forso effectively and dramatically illustrating a concern thatis so much in discussion today—the ambivalence and lackof understanding that can exist between OT and IT
Related Posts
CyberSecurity: TheCornerstoneof IIoTAdoptionAugust 16th,2017
IT/OT Convergence Means GreaterResources for Both
Robert Landavazo 7/11/18 IIoT
Broadcast Data Center Digital Building Industrial Ethernet Industrial Security Subscribe
Products Solutions Resources Partners
Support
LogIn
of understanding that can exist between OT and ITcolleagues.
Moving towards a new era of cooperation
As industry works – with varying degrees of success – tocreate a new world of IT/OT convergence and partnership,with the previously distinct lines and silos between theroles and responsibilities of each becoming more blurred,it pays to keep the comments of the Ukrainian operatorsin mind. If there had been greater teamwork between OTand IT in the plant in the months preceding, might theattack have been avoided or been mitigated in some way?
Whether or not that would have been the case, there are,unfortunately, more and more opportunities to ask thequestion. There has been a sharp increase in cyberattacks against industrial control systems, including arecent one that targeted plant safety instrumentationsystems in the oil and gas industry. It’s a disturbingincrease in the level of maliciousness to think that humanlife could be targeted and not just equipment. Anotherfrightening portent of possible things to come relates to arecent technical alert sent out by the U.S. IndustrialControl Systems Cyber Emergency Response Team (ICS-CERT). CERT warned that a hacked schematic of an 8.8megawatt turbine belonging to an American power plantwas retrieved from a Russian command and controlserver. Conjecturing what that could mean is a very scaryexercise. (However, on the positive side, gettingforewarned with this information is the first step towardsbeing forearmed, so it’s a good opportunity for me toreiterate that if you are not yet subscribing to theoutstanding alerts, advisories, reports and other
Topics
ICS Security
SCADA Security
Industrial CyberSecurity
Industrial Security
PLC Security
IndustrialNetworking
IoT Security
Industrial Firewall
Industrial NetworkSecurity
Stuxnet
Strengtheningthe SecurityPosture ofCritical EnergyInfrastructures– ConversationwithEnergySec’sNew PresidentSteve ParkerSeptember20th, 2016
IndustrialNetworking:5 Steps toBenefittingfrom the IIoTDecember2nd, 2015
View More
invaluable resources from ICS-CERT, do so right now!)
In late 2017, Belden’s Tripwire group once again teamedwith SANS Institute on their annual survey of ICS andplant operations engineering professionals to helpprovide a little insight. Among the disturbing findings:nearly 70% of respondents—insiders all—consider thecurrent threat to their systems to be high orsevere/critical. Their biggest single concern, they report,are devices unable to protect themselves being added tothe network. A top attack concern is ransomware, which isexploding, with levels nearly doubling year over year. Thisis the environment that we are in today.
Leverage the expertise on the other side of the house
While we at Tripwire and Belden have many OT clientswith fairly sophisticated cyber security resources, I believethat certainly, for the vast majority of organizations, thebulk of cyber security expertise resides in the ITdepartment. After all, they have been doing it far longerthan their OT colleagues and have been building expertiseand organizational infrastructure over decades. And that’sgood news—it means that OT doesn’t need to reinventthe wheel and build a new organization from scratch.Instead, they simply need to bridge the gap between ITand OT to accelerate their ability to ward off escalatingthreats and continue bolstering their cyber security.
IT has plenty to learn from OT as well. OT’s earnedexpertise in prioritizing uptime and resiliency can nodoubt find applications in other areas of the organization,as can their unrelenting focus on safety. Safety, of course,had never before been a driving priority in the IT world,but it’s something that will need to become morepronounced as the silos between IT and OT inevitablycrumble.
So how can OT and IT pros ease the transition? In aperfect world, of course, the drivers will come from seniormanagement, who create the structure of theorganization and codify expectations in formal policy andprocedure “bibles” as well as in directions to their staff.But more informally, each of us can work to get to knowcolleagues on the other side of the “T” and reach out tothem for relevant advice, never forgetting that there is avital human element to the IT/OT convergence as well as atechnological one. Maybe ask OT or IT managers to set upjoint meetings focusing upon common goals. Ifappropriate, perhaps even ask for an embeddedcolleague; for example, an IT cyber security expert on full-or part-time loan to help with OT challenges. Allorganizations are different of course, but the OT/ITconvergence will no doubt be looked back upon as aturning point in industry’s fight for cyber security andfurther harnessing of technology for business success.Being an early, proactive leader in that regard certainly, ingeneral, seems like a good role to be playing.
For a look at some other cyber security trends andbusiness challenges, view our on-demand webinarChallenges and Checklists: Defending Control SystemCyber Assets.
We at Belden and Tripwire work with a lot of differentorganizations in varying stages along the IT/OT
organizations in varying stages along the IT/OTconvergence continuum. We might be able to provideinsight to issues you may be having. Call us and we’ll beglad to start a dialog.
Related Links
Blog: 70 Percent of Energy Security Pros Fear DigitalAttacks
Blog: How Plant Operators Can Overcome the Lan-guage Barrier to Securing OT Environments
Blog: The Human Attack Surface: The Weakest Linkin Your ICS Security
White Paper: Network Security
eBook: Industrial Cyber Security for Dummies
PREVIOUS POST70 Percent ofEnergy SecurityPros Fear DigitalAttacks CouldProduce a“CatastrophicFailure”
Robert Landavazo
Robert Landavazo is a Systems Engineer at Tripwire where hefocuses on helping customers secure their Industrial ControlSystems. He has a background in in the electric utility sector,most recently working to implement a NERC CriticalInfrastructure Protection (CIP) internal compliance programleveraging Tripwire’s own product suite. While at this utility,Robert worked in Operations Technology to support SCADA inDistribution, Transmission and Generation. Prior to his tenurein utilities, Robert worked in Public Safety, managingemergency communications infrastructure like NextGeneration 911, IP Radio and Computer Aided Dispatchsystems.
CommentsFirst Name*
Last Name
Email*
Website
Comment*
Subscribe to follow-up comments for this post
Additional information regarding Belden’s data privacy policies,including how to withdraw consent, is available atBelden.com/about/privacy.
By clicking subscribe below, you consent to allow www.belden.com tostore and process the personal information submitted above toprovide you the content requested.
protected by reCAPTCHAPrivacy - Terms
Yes, I would like to receive marketing information from Belden Inc. and itsaffiliates, subsidiary companies and brands indicated below. I thereforeprovide my consent to the use of the personal information submitted here forthe purpose of providing me marketing information related to Belden and itssubsidiaries’ products, services and marketing events. I understand that I maywithdraw my consent at any time.Belden Inc. affiliates, subsidiary companies and brands include: Alpha Wire;Belden Deutschland GmbH; Coast Wire & Tech; Hirschmann Automation andControl GmbH; GarrettCom; Grass Valley; Lumberg Automation, Poliron; PPCBroadband; ProSoft Technology; S-A-M (Snell Advanced Media); Softel Ltd.;Thinklogical; Tofino Security; Tripwire; and West Penn Wire.
Submit Comment
QUICK LINKS
Contact Us
Online Product Catalog
Find a Distributor
Find an Installer
Training
ABOUT BELDEN
Career Opportunities
Corporate Governance
Corporate Responsibility
Investor Relations
Locations
Our Brands
WHAT'S NEW
Blogs
Events & Promotions
New Products
News
BELDEN SITES
Belden APAC
Belden Brands
Belden Canada (French)
Belden EMEA
© Copyright 2018 Belden Inc. Terms of Use Terms of Sale Privacy Contact ! " #