Securing operational technologies (OT) was a topic of great interest in 2021. However, most of that activity revolved around information gathering and looking at options on how to reach OT security goals.
Starting in 2022, the real work must begin. Let’s look at five key OT security practices that stand to gain significant traction this year and going forward.
1. On-premises IT/OT convergence
For security reasons, OT has traditionally been placed onto one or more separate, air-gapped networks. However, given advancements in IT infrastructure management tools and the need to combine data and provide end-to-end visibility of all digital assets within a building, converging IT and OT networks is a great strategy for most organizations. Not only does this reduce cost and complexity, but it also limits the number of remote access paths into the infrastructure that could be exploited.
2. Migrating OT apps and data into secure cloud-managed environments
Commercial property owners and operators often struggle when it comes to maintaining the security posture of OT management tools within their facilities. Neglecting to properly secure OT management interfaces can lead to a growing number of complications including denial-of-service (DoS) attacks, malware infestation and sensitive data theft.
Instead of hiring the right in-house technical talent to perform these critical duties, however, some owners/operators are working to migrate OT management applications and services out of their buildings and into the cloud by way of a software as a service (SaaS) solution. Doing so puts the onus of data protection, patch management and remote access technology upkeep into the hands of the technology service provider, which is likely more capable of adhering to best-practice security methods.
3. Securing remote access deficiencies
Easily the biggest concern for building owners that wish to secure operational technologies is remote access. In many cases, OT such as HVAC systems, surveillance cameras and elevators is managed by third-party integrators. Unfortunately, these integrators often aren’t savvy about infrastructure tech and how to secure it on modern IT networks. This leads to a significant increase in network breaches that can occur through remote access entry points that are improperly secured and maintained.
To counter this problem, it is advised that all remote access connectivity be merged into a single entry point. Doing so allows for better security monitoring and simplified patch management. It also significantly reduces the risk of supply-chain attacks where bad actors access building systems through third-party partners.
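One way to verify that the single entry point is the only path in use, as an added example that is not part of the original article: the script scans flow records for allowed remote-administration sessions that reach OT assets without passing through the designated gateway. The address ranges, gateway IP, port list and log format are all assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict
from ipaddress import ip_address, ip_network

# All values below are constructed for illustration (assumptions, not from the article).
OT_NETWORKS = [ip_network("10.20.0.0/16")]   # assumed OT address space
GATEWAY = ip_address("10.10.0.5")            # assumed single remote-access entry point
REMOTE_ADMIN_PORTS = {22: "ssh", 23: "telnet", 3389: "rdp", 5900: "vnc"}

# Constructed firewall/flow export: one row per observed connection.
SAMPLE_FLOWS = """src,dst,dport,action
10.10.0.5,10.20.1.15,3389,allow
203.0.113.40,10.20.1.15,3389,allow
203.0.113.40,10.20.1.15,3389,allow
198.51.100.7,10.20.3.9,5900,allow
198.51.100.7,10.20.3.9,5900,deny
10.20.1.15,10.20.3.9,22,allow
192.0.2.10,10.30.0.4,22,allow
203.0.113.40,10.20.1.15,443,allow
"""

def in_ot(addr):
    """True if the address belongs to one of the OT networks."""
    return any(addr in net for net in OT_NETWORKS)

def find_bypasses(flow_csv):
    """Return {(src, dst, service): count} for allowed remote-admin flows
    that reach an OT asset from outside OT without using the gateway."""
    hits = defaultdict(int)
    for row in csv.DictReader(io.StringIO(flow_csv)):
        src, dst = ip_address(row["src"]), ip_address(row["dst"])
        service = REMOTE_ADMIN_PORTS.get(int(row["dport"]))
        if service is None or row["action"] != "allow":
            continue  # not a remote-admin protocol, or already blocked
        if not in_ot(dst) or in_ot(src):
            continue  # destination is not OT, or traffic is OT-internal
        if src == GATEWAY:
            continue  # the sanctioned path
        hits[(str(src), str(dst), service)] += 1
    return dict(hits)

if __name__ == "__main__":
    for (src, dst, svc), n in sorted(find_bypasses(SAMPLE_FLOWS).items()):
        print(f"bypass: {src} -> {dst} via {svc} ({n} flows)")
```

Each reported source is a remote access path that still exists outside the consolidated entry point and is a candidate for removal or for rerouting through the gateway.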
4. Centralized OT logging and analysis
The beauty of merging OT with IT onto a unified network is the fact that OT systems can take advantage of artificial intelligence for IT operations (AIOps) and network detection and response (NDR) platforms that already exist to protect traditional IT assets. These modern tools ingest collected IT/OT data from multiple sources and intelligently analyze this data to automatically identify and provide remediation steps related to infrastructure performance and cyber security threats.
Business owners that are seeking to deploy OT-based IoT devices such as temperature/humidity/air quality sensors will want to make sure that their assets are being closely monitored. Many IoT sensor manufacturers do not adhere to cyber security best practices. Thus, a layered approach to protecting these assets is warranted. Additionally, it’s common that the dozens to hundreds of IoT sensors that are deployed – or are planned for deployment – will not have the necessary security firmware patch updates applied in a timely manner. Having a centralized log collection and AI-backed analysis tool offers an added layer of protection for the business that can proactively identify threats and/or vulnerabilities before bad actors can identify and take advantage of them.
5. Patterns are forming in the world of OT cybersecurity
Although there are many ways to protect OT assets within smart buildings, the methods and technologies mentioned in this article are becoming widely popular. Property owners understand the benefits of smart technologies and are seeking to implement them as quickly as possible. However, recent media headlines about OT security incidents are waking property owners up to the growing number of threats that are squarely focused on OT.
Therefore, any OT project that revolves around network-connected hardware/software platforms will require significant cyber security protections to be integrated into its implementation. That’s why it’s becoming so important to formulate and closely adhere to a flexible, scalable, unified and cloud-centric security framework.