IoT's popularity has introduced a newly converged IT/OT space where for most manufacturers more questions exist than answers. As a result, maintaining the status quo is not an option when securing this new environment.
Understand the need for visibility.
Between legacy OT systems and the addition of new IoT devices—often without documentation—many teams lack have an accurate view of what’s on their network, explains Nozomi Network co-founder and CPO Andrea Carcano.
“This lack of visibility makes it nearly impossible to effectively secure and monitor industrial networks, leaving many manufacturers unsure of where to start,” he says. “To transform the system architecture and achieve the required visibility, manufacturers should employ best practices and new technologies that can support them. This starts with inventorying all assets on the network. If the IT/OT team doesn’t know what they have, they can’t protect their assets or segment the network for better resiliency.”
Visibility also enables operational efficiencies and potential cost savings. For example, an inefficient network link with unusually high bandwidth usage can be easily identified and corrected. And once the full network is visible, it can be monitored on an ongoing basis for deviations. Manufacturers can then easily spot vulnerable areas and assets in need of protection—and oversee an efficient, resilient system.
In fact, a factory’s path to digital transformation reaches across the entire value chain, from product development to distribution—and beyond. With comprehensive, real-time operational visibility, plants can increase productivity and close security gaps.
Without visibility into operational technology and industrial control systems (ICS), it’s difficult to stay on top of what’s happening on the network. “One small change or networking issue can impact product quality, production uptime, plant safety, and revenue,” says Carcano. “While a fast response to anomalies is critical, spotting issues requires real-time visibility into plant assets, connections, communications and more. Unfortunately, these are capabilities that many manufacturers lack.”
Embrace best practices.
As the number of IoT devices finding their way into manufacturing environments increases, it’s important to remember they represent security risks. The best way to minimize risks is to embrace proven best practices. Some examples include:
- Creating separate networks. “Many Wi-Fi routers have the ability to create multiple networks so employees across the organization can connect to the network without gaining access to shared files or networked devices,” says Morey's Alan Mindlin. “By connecting IoT devices to separate networks, this one-off connection can act as a buffer to ensure that no one outside of the organization has immediate access IoT devices shared files and other kinds of encrypted data.”
- Being mindful of IoT devices. While visibility is crucial, manufacturers need to leverage the insights it provides to track everything connected to the network and monitor the flow of traffic. “IoT devices must be assessed regularly to determine the level of access they should have, stay fully patched and up-to-date, and protect data end-to-end to preserve its integrity,” says Mindlin.
- Keeping firmware current. In order to make sure IoT devices are equipped with the latest security patches, manufacturers need to keep their firmware fully updated to reduce the chances of a successful cybersecurity attack. When manufacturers regularly update devices, its significantly easier to address vulnerabilities and exploits as they emerge.
- Adopting a cybersecurity framework. Adopting a cybersecurity framework that IT and OT can collaborate on, so they can protect their production, people and reputation while preserving the bottom line is crucial. Top manufacturers are researching and selecting a cyber security framework to follow, such as IEC 62443 NIST, or NIS, explains Carcano. “These frameworks offer guidelines for cyber security best practices and tools for facilitating their implementation. With a trusted framework selected, manufacturers can identify the right people, processes and tools required for robust cyber security hygiene,” he says. “From an accurate asset inventory to identifying potential threats, manufacturers can follow industry guidelines and best practices to attain next-level cyber security resiliency.”
- Having a response plan. Manufacturers should also develop an incident/emergency response plan in the event something happens. “A lot of manufacturers are facing small margins and perhaps cannot afford the expertise to help design a secure digitalization roadmap or incident response plan,” says John. “If that’s the case, engaging with associations helps. Other members are often facing the same challenge and pooling resources can prove helpful. Organizations like the Charter of Trust can provide actionable cybersecurity steps all manufacturers can take to better protect the value we all deliver to society.”
Feed the collaborative spirit.
With divergent priorities, bringing OT and IT teams and systems together can feel like an uphill battle. And as more systems converge, the vulnerability points and potential risks only continue to increase. “Everyone benefits when teams balance their dueling priorities and tap into each other’s unique expertise,” says Carcano. “IT can advise on cyber security issues and processes while OT keeps production systems running and prevents downtime. Together, these functions make holistic threat monitoring and secure data flows possible, to reduce blind spots and minimize security risks.”
According to Carcano, collaboration between IT and OT is critical to reducing the blind spots and security risks surrounding highly connected industrial control systems. As “smart” factories leverage more IoT technology, and OT networks become more connected to business networks and the cloud, the IT/OT divide culture puts business at risk. “The insights derived from IT/OT convergence can optimize factory operations, enhance equipment utilization, enable predictive maintenance, and improve cyber security,” he says. “And the benefits don’t end there. These converged insights create a more scalable system, ready to tackle new logistical challenges.”
Security gaps related to people, processes and technology can have a big impact on operational resiliency too. “The separation of IT and OT, combined with increasingly connected industrial control systems, can lead to cyber security blind spots,” says Carcano. “But with the right technology and a focus on best practices, manufacturers can improve their operational resiliency.”
Interested in learning about how these two environments differ? The first half of this IndustryWeek print feature provides solid insights.