ROK: IT-OT Security: Grasp Main Goal

Tuesday, November 15, 2016 @ 10:11 AM gHale


By Gregory Hale
Security professionals on the IT and the OT sides of the house have to not only be able to work together, they have to truly understand the main goal.

That goal is keeping the manufacturer’s systems – from the IT enterprise to the OT processes – up and running at all times.

RELATED STORIES
ROK: Securing Connected Enterprise
PSUG: Designing a Security Program
IoT Attack Scare: Is Industry Ready?
Network Visibility with New Platform

“You have to understand the business outcome,” said Caglayan Arkan, general manager of Microsoft’s worldwide manufacturing and resources sector enterprise and partner group during a panel discussion at the Automation Perspectives conference at Rockwell Automation’s Automation Fair last week in Atlanta.

The panel, hosted by Sujeet Chand, senior vice president and chief technology officer at Rockwell Automation, featured major IT companies Microsoft and Cisco and a leading university focused on security, Georgia Tech.

“It is about humans working together,” said Jeff Reed, senior vice president and general manager, Enterprise Infrastructure and Solutions, Cisco. “It is really about getting the teams together and ensuring security. IT and OT need to work together, and manufacturing needs to help bridge that divide.”

In talking about IT and OT working together, Francis (Bo) Rotoloni, deputy director of research and principle research engineer for the Information and Cyber Sciences Directorate, Georgia Tech Research Institute, likened it to dogs and cats getting along. “You get to start them young and they get along well. Enterprise IT didn’t understand the OT side. You have to get the two groups together so they understand the packet that is going through does not brick the system. Now, they both understand they have a common enemy – and (that enemy) does not care what they do.”

Attackers really don’t play by the rules, they don’t follow standards, but they know what they are. Instead, their goal is very single minded, they want to get into a system and they want to get in via the easiest method as possible.

“We monitor threat landscape on a daily basis,” Rotoloni said. “Bad guys try to use the most basic attack, whatever is the easiest. As the devices get more hardened, they just get more sophisticated. Advanced persistent threats are more advanced and attackers are more sophisticated.”

While some end users understand the security threat and are doing something about it, there are others, however, that are aware, but not moving forward with a security program. Either way, attackers will continue to probe and when the time is right jump in and take what they want. That is why as attacks ratchet up, manufacturers need to elevate their ability to monitor and adjust to what they are facing.

“There are more sophisticated ways to monitor security,” Reed said. “Networks (can end up used to) identify behavior and use the network as a sensor.”



Leave a Reply

You must be logged in to post a comment.