Meet Armis at Black Hat 2024

Learn More
Oct 14, 2021

Chapter 1 – IT/OT Convergence has Already Changed Your Industry. What’s Next?

Are you prepared for the cybersecurity challenges of Industry 4.0?

At the core of this new industrial era is the convergence between information technology (IT) and operational technology (OT). That’s a paradigm shift in which two separate organizational silos – IT and operations – come together and pave the way for the Industrial Internet of Things (IIoT).

OT/IT integration enables industrial infrastructure – from machinery in a factory to irrigation systems – to exchange data with other devices and systems over the internet. The operational efficiencies are unquestionably high – so are the cybersecurity risks.

Securing Operational Technology is More Complex Now

Operational technology involves the equipment, sensors, and systems deployed in critical infrastructure and manufacturing plants. Think of traffic control lights, electric grids, programmable logic controllers (PLC), supervisory control and data acquisition (SCADA), robotic arms, and other types of factory machinery.

The evolution of OT security has traditionally been slow due to:

  • Higher device lifecycle. Industrial technology is expensive and not replaced as often as enterprise computers, for example. OT investments often involve significant planning, employee training, and government subsidization.
  • Lower perceived risks due to air gap measures. This strategy consists of the separation between OT and traditional enterprise IT networks. For this reason, many vendors didn’t bother in designing strong security controls for their OT devices.

The OT World we Knew No Longer Exists. It’s Already Converged

The manufacturing industry has significantly changed due to increased IT/OT alignment.

Information technology (IT) is all about data. When combined with OT, it has the potential to improve industrial efficiency and reduce costs. With real-time access to data, manufacturers can achieve:

  • Real-time decision-making
  • Reduction in unplanned downtime
  • Agility and consistency across processes
  • More efficient use of equipment and staff
  • Elimination of unneeded hardware and software
  • Cost reductions

IDC predicts that, by 2024, 60% of industrial organizations will have endpoint data from OT integrated with cloud-based reporting and analytics. This move enables organizations to have a sitewide operation awareness of their environment.

There are few ways in which IT/OT integration is taking form:

  • Operational technology is connected to traditional enterprise networks or directly connected to the internet.
  • Some devices are connected to other devices via peer-to-peer protocols such as Bluetooth.
  • Operational technology is built on top of common platforms such as Windows, Linux and Android.
  • The proliferation of wireless devices (for example, smartphones and tablets) in OT environments has exploded over the last years with the rise of the Internet of Things.

This IT/OT alignment is driving a new phase of the Industrial Era:

  • The first stage of the Industrial Revolution represented a shift from manual labor to the adoption of machines and steam-powered engines in the period between 1760 and 1820.
  • The second stage of the Industrial Revolution took place between 1870 and World War I. It’s also known as the Technological Revolution, as it came with the introduction of electricity and mass production. The advent of assembly lines, for example, dates back to that era.
  • The third stage of the Industrial Revolution, often referred to as the Digital Revolution, leveraged electronic technology such as the use of computers to replace mechanical processes in the second half of the 20th century.
  • The fourth stage of the Industrial Revolution – or Industry 4.0 – has been propelled by the Internet of Things (IoT) and the IT/OT integration. Digital transformation efforts such as automation, artificial intelligence, cloud computing, and ubiquitous interconnectivity are shaping this new era of innovations.

Industry 4.0 Technologies Open the Door for More Sophisticated Attacks

IT/OT convergence dissolves the air gap that has protected operational technology in the past. When old school machinery is connected to new technologies for more effective tracking and monitoring, they become more vulnerable to modern-day attacks, continually growing in sophistication.

2019 study conducted by Forrester Consulting on behalf of Armis indicated that 66% of manufactures had encountered an IoT-related security incident in the previous two years.

This study also unveiled IoT security decision makers’ high level of concern regarding:

  • External hackers (84%)
  • Viruses, network worms, and other malware threats (80%)

Manufacturers are more worried about attacks leading to downtime, disruption to business operations and environmental risks, which can all lead to significant financial loss. Such are the national and economic implications of attacks against critical infrastructure that president Joe Biden is making cybersecurity a top priority of his administration.

Attacks against OT environments can cause the shut down of entire assembly plants or critical infrastructure services. Here are some examples of incidents that garnered media attention in 2021:

  • Florida water systemAn attacker broke into the system of a water treatment facility in Oldsmar, Florida, to increase the levels of sodium hydroxide, which would poison the water supply. An employee noticed the intrusion and was able to restore chemical levels to normal.
  • Colonial PipelineAn attacker gained access into the network of the largest fuel pipeline in the U.S. through a VPN account (using a compromised password) and threatened to leak company data. Colonial temporarily shut down its entire pipeline operations, causing gas shortages in parts of the country. The company also decided to pay a $4.4 million ransom to unlock its systems.
  • JBS Foods: The world’s largest meat supplier was a victim of a ransomware attack and paid $11 million in bitcoins to resolve the incident and limit the potential impact on grocery stores, farmers, and restaurants.

Overcoming the IT/OT Convergence Challenges

Traditional OT and IoT devices were not designed with strong built-in safeguards, don’t produce logs, and cannot support the installation of security agents. In other words, they are unmanaged:

  • They can communicate with other devices, existing systems, or networks to process and transmit information.
  • But they don’t accommodate traditional security tools, such as agents that monitor and protect devices and systems from threats.
  • Examples include robotic arms, inventory systems, printers, smart TVs, Bluetooth keyboards, security cameras, vending machines, smartwatches etc.

The lack of visibility into unmanaged devices is one of the challenges of securing Industry 4.0. Traditional IT security is based on agents to be installed in the endpoints. It’s good for monitoring and protecting managed devices, such as desktops, but it doesn’t work for OT and IoT devices. In addition, network traffic control tools lack a contextual understanding of how unmanaged devices are used.

IT/OT convergence requires a new approach to cybersecurity that gives visibility into unmanaged and IIoT devices. This type of visibility is necessary to know:

  • What the device is.
  • How it usually behaves.
  • What type of risks or vulnerabilities it has.

Enabling Holistic Decision-Making to Thrive in the IIoT Era

As a leader in Industry 4.0, global supply chain company Flex knows well the importance of device visibility for a successful IT/OT implementation. Friedrich Wetschnig, CISO and VP of Enterprise IT at Flex, explains that IT/OT integration enables a holistic view of the factory floor and the KPIs.

To secure its Industry 4.0 initiatives, Flex partnered with Armis to identify, monitor, and protect its digital assets. Our agentless solution is able to track and manage both managed and unmanaged devices. When Armis detects suspicious behavior, it establishes network segmentation to isolate the threat.

“The importance of asset discovery is that you can’t deal with a problem if you don’t know what it’s.”
~ Friedrich Wetschnig, CISO and VP Enterprise IT at Flex

A Blueprint for Successful IT/OT Integration

A manufacturer’s IT/OT implementation playbook should consider the following steps:

1. Invest in Comprehensive Asset Visibility

Knowing what you have on your network is the first step to succeed in this Industry 4.0 era. Organizations need a security platform that works for both managed IT devices and unmanaged OT and IoT devices. All communication pathways that could be explored, such as Bluetooth, Ethernet and Wi-Fi, need to be continuously monitored.

That’s why security solutions for Industry 4.0 need to:

  • Offer comprehensive device visibility.
  • Provide ample communication coverage.
  • Meet the most important security frameworks.
  • Be agentless.
  • Provide real-time, passive monitoring.

2. Establish an Industry 4.0 Strategy

With increased visibility into your environment, it’s time to start mapping the opportunities and challenges that IT/OT convergence brings  to your organization. The goal of a cybersecurity framework for IT/OT alignment is to ensure the interoperability and security of all of your company’s digital assets.

Leaders should consider these questions:

  • Why does your organization need IT/OT integration?
  • How does technology impact your key performance indicators (KPIs)?
  • Is there alignment across your organizational silos?
  • What could happen if your systems are hacked?

3. Build a Cross-Domain Team to Foster Collaboration

Plant managers are the ones who tend to take the initiative to push forward cybersecurity investments because they have a more holistic view of the organization. But IT/OT convergence is also contributing to the creation of new leadership roles.

Gartner predicts that, by 2025, half of manufacturers and utilities will have converged cybersecurity and operations security teams under the role of a chief information security officer (CISO), reporting directly to the CEO. Unified management of OT and IT resources is fundamental to secure all digital assets in IIoT environments.

4. Create Awareness and Secure Funding

Investments in technology are both a technical and strategic decision. Industrial modernization involves significant funding and, for this reason, requires alignment between technical staff and the leadership team.  It’s crucial to create awareness of the limitations of traditional IT solutions in protecting OT devices, and the impact that cybersecurity breaches could have on production.

Armis Agentless Device Security Platform Protects all Devices

Armis works with all devices because it does not use agents and does not perform disruptive network scans. Real-time passive monitoring is critical to avoid system crashes and disruptions. To learn more about how to secure IT & OT in industrial environments with Armis, download our white paper.

Read all of the IT OT Convergence Playbook Chapters:

  1. Chapter 1 – On OT Convergence 👈 you are here
  2. Chapter 2 – OT Airgap Dissolved 👉 read next chapter
  3. Chapter 3 – Critical Infrastructure Protection
  4. Chapter 4 – Secure and Monitor Industrial Environments
  5. Chapter 5 – Comprehensive Network Visibility
  6. Chapter 6 – Passive Network Monitoring
  7. Chapter 7 – Best Practices to Protect Industrial Assets
  8. Chapter 8 – ICS Security Risk Assessment
  9. Chapter 9 – OT Cybersecurity Frameworks
  10. Chapter 10 – Implementing Zero Trust Framework for ICS
  11. Chapter 11 – Armis CIS Controls protection
  12. Chapter 12 – Mitre Att&ck for ICS
  13. Chapter 13 – 2021 Ransomware Attacks
  14. Chapter 14 – IT/OT Integration Best Practices
Get Updates

Sign up to receive the latest from Armis.