For as long as I’ve been working, there have been long-established differences between operational technology (OT) and information technology (IT) networks. Over time, technology has evolved to make it easier to integrate both networks, as well as to combat their increasing attack surface and the threats that accompany them. However, few manufacturers have modernized their industrial networks. This leaves many organizations at a higher risk of cybersecurity events while also stifling their productivity, agility, and adoption of next-generation technologies that will transform their operations.
The Difference Between IT and OT Networks
Operational technology requires a network with high levels of resiliency and availability, as well as support for industrial protocols. Perhaps one of the largest challenges is organizational. Trust and flexibility are very important to manufacturing. The manufacturing team must trust that their network will not be patched or modified during production, and that, should they need to adjust the factory line, they can do so quickly and with minimal interruption. This all comes down to the need for a network that will aid them in the delivery of cost, quality, and throughput goals.
On the flip side, those responsible for cybersecurity (CIO, CISO, or InfoSec) are deeply concerned with the risk of a potential event and with security regulations. This includes topics like ensuring good security hygiene, visibility across all networks and devices within the enterprise, and the ability to detect, investigate, and remediate security events. However, this is often not achievable, because the networks and equipment most at risk are owned by OT, are often selected without thought for cybersecurity and overall long-term management, and are off limits to traditional network, security, and IT teams.
What Is at Risk?
Having different organizations involved is not the real risk. Many organizations with integrated OT/IT security policies have successfully worked together to improve security posture and industrial operational capabilities. The real problem is the unmitigated risks and the network itself.
Most operational technology environments are full of diverse industrial products, end-of-life operating systems, and major limitations not typically found on an average managed device. For example, only 55% of organizations that use SCADA or industrial control systems (ICS) have role-based access control, or can even support it at industrial endpoints. Attackers are going after high-value targets and their operational technology networks. A compromised network results in major remediation costs to repair operational, financial, and reputational damage. Whether it’s a lack of security tools or end-of-life and unpatched industrial network gear, the results are the same: exposure to a significant level of risk.
Due to the long lifecycle of operational technology, most manufacturers will never be 100% latest and greatest. This means OT will never be capable of complying with the latest security standards or of supporting the security monitoring tools necessary to combat threats. Modern networking augments these endpoint shortfalls and provides alternatives and additional layers of security to protect both operational technology and the balance of the organization.
The Good News
Technology has come a long way with regard to addressing the convergence challenges of IT and OT organizations while also unlocking next-generation capabilities to improve operations. Today’s reality includes solutions that allow both sides to achieve their goals, with entire product lines of industrial switches, routers, firewalls, and software suites designed to turn your industrial network into a security platform.
For example, in the past, a switch owned by operational technology wasn’t visible to IT. It didn’t support deep packet inspection, it didn’t perform access control or scan for potential threats in network traffic, and it surely did not integrate network logging with the enterprise team’s security information and event management (SIEM) platforms.
Now, solutions providers like Connection can readily deliver highly resilient industrial switches that integrate into existing networks easily while also providing a single pane of visibility to security teams, offering deep packet inspection of both Ethernet and industrial protocols, and monitoring all traffic down to the edge. Combine this with the ability to allow both IT and OT to manage the network devices themselves, and now your organization can introduce the latest networking technologies to advance manufacturing while also transforming your industrial security posture. Whatever challenges exist in your environment, there is a network that can deliver security and a platform that supports your organization’s growth and industrial transformation goals.
To learn more about how Connection supports our manufacturing customers with their broader industrial and IT security challenges in networking, security, and industrial transformation, visit our manufacturing showcase today.