What is OT security and how does it differ from IT security?
Article by Gigamon Country Manager for A/NZ George Tsoukas.
Everyone has heard of IT, but what is OT? It stands for operational technology, and it plays an important role in a wide range of businesses and industries around the world.
Let’s consider what OT is, its relationship to computing, and common problems faced by people who work with it.
OT is any hardware or software used to detect or cause a change in a system through direct monitoring. Examples include sensors that keep a server room at a specific temperature or a filtration system that purifies water. It can even encompass the automatic regulation of electricity in a power station or the start and stop sequence of traffic lights.
Essentially, operational technology is a physical device that runs on a specific type of software that manages specific processes and events in a specific location or system.
SCADA (supervisory control and data acquisition) systems are common forms of OT used for industrial control systems. These help manage all aspects of human life, from energy consumption to monitoring natural disasters and beyond.
Since operational technology systems help control and manage many different and important parts of our personal and professional lives, it is important to protect them from damage and tampering.
Even small changes in how OT systems work can create massive problems for a large number of people. Operational technology security evolved as a response to past tampering and the need to stop future problems before they start.
IT and OT often work hand in hand to accomplish specific tasks, but there are still differences between the two fields. Here are some of the key distinctions between IT and OT that help demonstrate this relationship.
Business vs Industry
A key difference between IT and OT is how the technologies are used.
IT technologies are fairly universal across industries. There are computers, printers, protocols (like HTTP, SSH, and RDP), and other network elements. A person working in IT for one industry can move to another fairly easily, as the technologies they use are largely the same.
In other words, IT deals with universal business software that can be used in a variety of situations, while OT does not.
In operational technology, this is not the case. OT uses very industry-specific processes. For example, many OT devices operate in specific environments in specific situations, and they may not have a screen to interact with. It is not as easy to move from one industry to another, because the technology is unique. While IT is business-focused, OT is industry-specific.
IT prioritizes privacy, OT focuses on safety
Often, information technology focuses on storing, retrieving, manipulating, or transmitting information and data in one way or another. IT therefore focuses on keeping this information secure, allowing only the right people to access, analyze and manipulate the data.
Conversely, operational technology focuses more on safety. An OT device can be tasked with maintaining an exact temperature in a server room so that servers and other technical equipment do not overheat and fail. For this reason, people who work with OT are more concerned with whether their technology is doing its job of keeping environments safe than with keeping data secure.
IT incidents are more frequent, while OT incidents are more destructive
A lot can go wrong when technology is involved and it’s possible to break a system just by using it incorrectly.
Maybe someone accidentally downloaded a corrupted file without knowing it. Or maybe someone with malicious intent tried to hack into a system to steal data or just to see if they could.
Whatever the reason, technology issues arise and affect IT and OT differently. For example, IT tends to have more touchpoints with the internet than OT, so there’s a much higher chance of an IT-related hack than an OT-related hack.
This is why many news reports talk about stolen data rather than destroyed systems. IT problems occur in far greater numbers.
However, if something goes wrong with operational technology, it is more likely to have devastating consequences. Data leaks can be partially repaired by changing passwords, recovering data, and contacting the customer, but an OT problem can have very real consequences in the physical world.
Consider an OT system that helps purify drinking water. What are the consequences if the system does not realize that the water it sends to people’s taps is not clean? How do these consequences compare to the consequences of leaking a password?
Finally, IT evolves and innovates rapidly. New patches are released almost weekly, depending on the specific services being used. There’s even a name for it: Patch Tuesday. That’s fine, because most IT work can be done while the patch is applied, but that’s not the case with OT.
In OT, an entire system must be shut down in order to install a patch. So, out of necessity, patches are not added as frequently for OT systems as they are for IT systems. For this reason, OT processes seem to lag behind other forms of technology. They can’t just release fixes that quickly or easily.
Why is operational technology security so important?
Like all technologies, OT continues to evolve. Due to its nature, OT changes more slowly, although innovation is still constantly happening in the OT space.
Increasingly, elements of the work OT systems do are moving online. The more connected these systems are to other networks, the greater the chance of something going wrong. There are very real challenges when working with operational technology. Some of the most commonly discussed are:
- Lack of awareness of OT security issues
- Lack of visibility of the OT system
- Shared network infrastructure
- Difficulty patching OT
- OT/IT convergence creates more opportunities for security risks
- Remote maintenance is often done via an internet connection
- Third-party access issues
- Not all company sites use the same OT systems
These issues are handled differently from industry to industry. But as technology continues to evolve, it’s important that people working with OT look for effective solutions to these issues.
Look for a provider that provides complete visibility into the cloud, leaving no gaps. The right solution can help simplify and secure hybrid networks, allowing users to take full advantage of their data.