Best Practices for a Successful IT/OT Convergence Strategy

Focusing on the Future Could Send You Back to the Stone Age

If you’re like other manufacturers, you might be looking ahead at the future of the manufacturing industry. While manufacturing has traditionally been anywhere from a few to even a decade behind other industries in terms of technology, the industry is starting to catch up. For the past few years, discussion on how to leverage data from operational technology (OT) and how it fits into an IT/OT convergence strategy has picked up.

The benefits of an IT/OT convergence strategy are plentiful, so it makes sense that manufacturers would seek to bring their OT into the fold. By connecting OT with other networks, which traditionally have remained separate, manufacturers strengthen their ability to improve plant productivity, reduce costs across the board, streamline inventory management, and view manufacturing data in real-time for better insights and decision-making.

However, IT/OT convergence strategies present a significant cyber risk for manufacturing and come with just as many perils as benefits. There are a number of reasons for this. Chief among them is the fact that most OT networks, such as supervisory control and data acquisition (SCADA) systems and industrial control systems (ICS), are both expensive and old. Because OT networks control basic tasks, the operating systems behind them don’t require as much updating or replacement. Everything just runs. Why invest all those resources again into fixing what isn’t broken (at least on the surface)? 

And yet, despite the safety measures that are built into these systems, new and more sophisticated attacks show up in headlines. This is because many OT systems were designed with little to no security. Until recently, it wasn’t much of an issue, but this is no longer the case. Advanced attacks, such as Triton, continue to show up in the news despite first debuting more than two years ago. While the manufacturing industry and cybersecurity experts have made progress in thwarting these attacks and strengthening infrastructure, it’s clear that there is more work to be done.

The good news is that much of it can (and should) be done before you even begin the process of converging OT into your own exploration of the Industrial Internet of Things (IIoT). It all starts with being proactive, utilizing cybersecurity technology, and emphasizing security.

1. Take Stock of Your Needs and the Risks

Prior to implementing an IT/OT convergence strategy, it’s important to understand and define what you’re trying to achieve. For example, one of the leading reasons to bring OT into the modern era is for better data and better decision-making. But consider the ramifications of a breach. Certain attacks aren’t always meant to steal data. 

Many attacks, such as the Stuxnet worm, are simply meant to wreak havoc on infrastructure — while insidiously communicating normal operations back to users. Stuxnet is nearly a decade old and typically spread via USB drives, but it has propagated similar attack types that all share the purpose of creating confusion, damaging infrastructure, and subsequently halting operations.

Imagine if you were to converge your older OT network with a newer network for the purpose of gaining greater insight into productivity and performance. An attack like Stuxnet would tell you and your team what you wanted to hear, and yet your facility and processes would be damaged and likely failing. Understanding your goals will help shape what to look for and consider in terms of bringing OT into your everyday network.

2. Review Your Existing OT Network for Vulnerabilities

Because most OT is old and running on outdated systems and equipment, the amount of vulnerability present is staggering. Often, OT hardware and software are only patched on a minimal level to keep them running exactly how they were designed. Nothing else. Additionally, many manufacturers have not taken the opportunity to secure these networks because of their traditional separation from the Internet and other internal networks.

If you’re going to breathe new life into your OT for an IT/OT convergence strategy, you absolutely must do all that you can to ensure your OT is secure from the start. Doing so requires a number of steps that go well beyond the simple virus scan, as OT networks are often extensive in scope and depth. Broad cybersecurity solutions must be implemented so they can both evaluate existing networks for any threats and continually monitor them to identify any threats that may show up later.

3. Make Security the Priority Above All Else During Execution

Prior to implementing your IT/OT convergence strategy, a number of other steps should be taken to cast a wide and deep net of security. These include establishing role-based access controls, segmenting OT from other networks, identifying all assets used so they can be easily found in the event of an incident, isolating devices that might be causing issues, monitoring traffic and analyzing user behavior, and following applicable compliance standards. 

It’s a lot, which is often why it’s to manufacturers’ advantage to entrust everything to proven experts that possess the systems and flexibility to manage and report on them. While the idea of outsourcing security to a third party might give some manufacturers cause for concern, doing so also provides a measure of independence and accountability. You should do all that you can to ensure the security of your entire environment, but relying on a proven third party can give you peace of mind in knowing that your efforts were justified or need improvement. 

Let Us Help with Your IT/OT Convergence Strategy

At Inversion6, we partner with manufacturing companies to provide that extra level of security, knowledge, and accountability that manufacturers need to move forward with confidence. Our chief information security officers (CISOs), team of security experts, and extensive experience combine to create an entirely new level of protection for the industry that works hard day and night to produce the critical items consumers and businesses need.

If you’re looking to strengthen your security for the months and years ahead, our team is here to help. Fill out the form below to get started.