There are several factors companies must consider as they connect more devices to the Internet with the objectives of improving operating efficiencies, business insights and decision outcomes. But how do they succeed with IIoT initiatives given differences in device lifecycles, data stacks, downtime tolerances, operating environments, skill sets, user bases, and vulnerabilities?
The first step is OT/IT convergence. OT and IT teams must work together to realize the promise of IIoT while thwarting threats against the expanded attack surface that connecting critical infrastructure to the IT data network creates.
The second is to develop a cybersecurity strategy based on the premise that the organization is already compromised. This is challenging enough for IT teams already struggling to keep up with cloud adoption, hybrid architectures and endpoints that have erased the conventional perimeter.
For OT teams that have largely operated free of data networks and rely on vendors for news about updates and vulnerabilities, cybersecurity is an unfamiliar, yet clear and present danger. Connecting OT devices to the IT network securely can overwhelm both teams due to the scalability and interoperability issues involved with connecting industrial control systems (ICSs) or smart building control systems (BCSs) to the TCP/IP stack.
IIoT cybersecurity defense is beyond the scope of conventional IT security solutions, such as firewalls, intrusion prevention/detection, web gateways or endpoint/user anti-virus protection. And ICSs or BCSs were not designed for TCP/IP connectivity, nor do OT teams have knowledge of IT security systems.
Criteria for Converged Infrastructure Cybersecurity
When evaluating a solution for protecting converged infrastructure the key criteria for OT/IT teams to consider include what I call the critical “ities” – availability, visibility, reliability, scalability, manageability and security.
Availability (and Resilience)
Uptime is particularly critical for OT systems. Having visibility into devices and network provides the data to ensure availability. However, in the event of a cyberattack, OT systems, such as patient ventilators, purification and filtration devices, ship navigational systems, or jet engines simply cannot go down. A converged infrastructure solution must operate with the efficiency needed to facilitate uptime while protecting systems against cyberattack. As part of an already-compromised approach to security strategy, resilience is more important for cybersecurity teams to quickly identify and respond to an attack to minimize the impact of risks. These risks include business interruption, intellectual property loss, private data theft, regulatory noncompliance, reputational damage, and physical plant and personal injury, including potential loss of life.
Visibility
Visibility consists of two components. First, teams must have visibility into the devices – both OT and IT – that are connected to the network. Knowing who your users are, including those users that are machines, drives policies and authentication rules about which “users” can access which systems.
Once users are identified, verified and authenticated, companies need visibility into the traffic flowing across their environments, including private and public clouds, and what users are doing with the systems and data they are authorized to work with. Modern self-healing IT solutions increasingly automate monitoring by leveraging AI, machine learning and real-time analytics technologies to ensure application performance and user experience.
Reliability
In the IT world, “five nines” reliability has been a required criteria in telecommunications networks for decades. In more recent years, this level of reliability has spread to e-commerce, video streaming and other applications where customer satisfaction and loyalty correlate to user experience.
While providing different “services”, OT systems have been built for reliability that extends to life-or-death situations. Protecting the expanded attack surface of converged infrastructure without sacrificing reliability is a key criterion for a converged infrastructure solution. Such a solution must cut across different operating environments and protocols subtly and without the disruption or a performance tax.
Scalability
Converging OT and IT systems implies scale. The reason for doing it is to realize the objectives stated above by harnessing more data inputs from more sources. However, as we’ve seen in the IT world, scalability also often applies to costs. IT teams struggle to reconcile a do-more-with-less budgeting process with the mandates of meeting SLAs and GRC (governance, regulatory, compliance) and security requirements.
OT teams operate in a more cloistered environment that to date, has mostly escaped the scalability requirements and challenges faced by their IT counterparts. OT teams don’t think about cloud, data centers, TCP/IP transmission challenges, interfacing with business critical IT applications or user experience on a global scale. Meeting the cybersecurity demands of a scaled and converged OT/IT infrastructure is another top priority of a converged infrastructure solution.
Manageability
Each of the criteria above should come with key performance indicators (KPIs). KPIs provide the means to measure infrastructure performance against organizational objectives and quickly identify and remediate deviations from benchmarks. As network complexity continues to grow – especially as OT devices are added to the IT network – teams must deploy modern technologies that enable KPIs to inform processes. An overlay cybersecurity solution for converged systems must be easy to manage, predicated on the ability to interface with both OT and IT management systems.
But manageability also includes people. To effective ensure efficiency, safety and security of high-leverage infrastructure, OT and IT teams need to establish an environment based on communication, collaboration and trust, with clearly defined roles and responsibilities. This ensures agility and resilience for faster response times in the event of an attack.
Security
Converged infrastructure is only as valuable as it is secure. Attacks on critical infrastructure have become a frequent occurrence as bad actors, including nation states, seek to disrupt or disable essential services or to gather intelligence into strategic operations and planning. Securing this infrastructure requires a modern solution that can be implemented with relative ease, little to no disturbance to the operating environment, and at minimal cost, including headcount.
While IIoT initiatives are intended to advance business objectives, the principal objective of a cybersecurity solution is to protect critical infrastructure against catastrophic loss. Connecting more OT devices to the IT network significantly expands the attack surface, raising the stakes for OT/IT teams to an unprecedented level. OT and IT teams need to be versed in their respective stacks to better understand architectures and cybersecurity requirements.
AI-driven systems can teach machine users resilience. However, human users – the weakest link in the cyber kill chain – need training on techniques and policies for safe and secure operations. With a cohesive converged cybersecurity strategy, OT and IT teams can be instrumental in helping companies achieve the promise of IIoT.
Implications for Legacy Firewalls and Segmentation
Traditional firewall and VPN solutions were not architected for IIoT. They were designed to protect against earlier generations of malware. As such, they are no match for the IIoT threat environment.
These tools have many drawbacks:
- They are impossible to keep current, overwhelmed by the frequency, variety and scale of IIoT cyberattacks.
- They require time-consuming manual efforts, including writing custom scripts, configuration and implementing policies on physical devices.
- They come with a high performance overhead, making them inefficient and costly to maintain.
- They are error prone, and generate so many false positive alerts that beleaguered administrators either configure them to catch only the most basic known malware or ignore the alerts altogether.
- They increase risk exposure by allowing intruders to operate undetected and undeterred for long periods of time.
Due to these shortcomings, we’ve already seen a shift in consumption away from deploying and managing devices toward subscription-based models. This trend will continue as security teams seek to reduce hardware sprawl and complexity.
However, even as a subscription, these tools will still not provide adequate defense against IIoT attacks. Vendors may try to add functionality through bolt-on acquisitions or internal development. But as we’ve seen time and again in this industry, the usual outcome is a patchwork quilt of solutions that are not seamlessly integrated, causing more headaches for customers. As such, the market for legacy firewall segmentation solutions is expected to gradually slow and then decline over the next 5-7 years.
Given the future growth of IIoT, demand is expected to shift towards purpose-built cybersecurity platforms that bridge OT and IT. Such platforms are better equipped to deal with the rising threats to critical infrastructure and the myriad of devices that will be connected to the Internet. Over time, as firewall segmentation technologies further commoditize, that functionality may even be subsumed by these next-generation IIoT cybersecurity platforms.
