Detección de amenazas internas: The Undiscussed, Under Reported OT/ICS Cybersecurity Challenge
Regístrese ahora
The term IT/OT convergence is roughly synonymous with the terms digital transformation or industrial digitalization, which are now mainstream in manufacturing and other industrial environments.
Historically, OT networks were “air-gapped,” or physically isolated from external networks. By not connecting these devices to outside networks, the goal was to keep them safe from external risks. Thanks to the many benefits introduced by digital transformation, that’s no longer practical. Connectivity with IT networks enables asset owners to anticipate equipment failures, move from calendar-based to condition-based maintenance and provide secure remote access for the many contractors and OEM technicians who are in and out of their OT systems everyday.
This digitalization improves efficiency, but it also introduces new cyber risks. The challenge is how to securely connect IT and OT systems that need to communicate while preventing those that don’t from doing so. Oftentimes, unwanted communication links go unchecked, and vulnerabilities hide in plain sight based on the assumption that OT and IT are separated when they are not. Such assumptions increase the chance that malware on one network may spread and impact other networks. Without proper segmentation, firewalls and access controls, threats that begin in your IT environment can move laterally to your OT environment, and vice versa.
IT/OT convergence without sufficient attention to cybersecurity best practices in both environments has led to a dramatic rise in OT security incidents. The SANS 2024 ICS/OT Survey found that almost 50% of the attack vectors on OT assets are ultimately attributable to IT network breaches. In research by various cybersecurity vendors those estimates are even higher.
This diagram illustrates the complexity of IT/OT convergence:
The term IT/OT convergence is roughly synonymous with the terms digital transformation or industrial digitalization, which are now mainstream in manufacturing and other industrial environments.
Historically, OT networks were “air-gapped,” or physically isolated from external networks. By not connecting these devices to outside networks, the goal was to keep them safe from external risks. Thanks to the many benefits introduced by digital transformation, that’s no longer practical. Connectivity with IT networks enables asset owners to anticipate equipment failures, move from calendar-based to condition-based maintenance and provide secure remote access for the many contractors and OEM technicians who are in and out of their OT systems everyday.
This digitalization improves efficiency, but it also introduces new cyber risks. The challenge is how to securely connect IT and OT systems that need to communicate while preventing those that don’t from doing so. Oftentimes, unwanted communication links go unchecked, and vulnerabilities hide in plain sight based on the assumption that OT and IT are separated when they are not. Such assumptions increase the chance that malware on one network may spread and impact other networks. Without proper segmentation, firewalls and access controls, threats that begin in your IT environment can move laterally to your OT environment, and vice versa.
IT/OT convergence without sufficient attention to cybersecurity best practices in both environments has led to a dramatic rise in OT security incidents. The SANS 2024 ICS/OT Survey found that almost 50% of the attack vectors on OT assets are ultimately attributable to IT network breaches. In research by various cybersecurity vendors those estimates are even higher.
This diagram illustrates the complexity of IT/OT convergence:
