After the global outbreak of coronavirus 2019 (COVID-19), organizations quickly transitioned to remote work in order to enforce social distancing and to keep their employees safe. But this work-from-home
arrangement opened up organizations to more risk as well as less redundancy and resilience. That’s especially the case for organizations with operational technology (OT) assets, as these entities need to make sure that their dispersed teams and technology can swiftly respond to potential service interruptions. They also need to withstand the surge of attacks that the security community has witnessed over the past few months.
Many of these attacks have specifically targeted organizations and their OT environments. As an example of this, the New York Times
covered an announcement from the U.S., British and Canadian governments that Russian hackers had attempted to steal COVID-19 vaccine research. That type of information is invaluable, as it functions as a key by which government officials can reopen their nations’ economies. In attempting to steal it, those malicious actors could give an advantage to their home country’s government as well as sow uncertainty surrounding vaccine research efforts sponsored by Western countries.
Simultaneously, nefarious individuals abused the cover afforded by COVID-19 to target pharmaceutical and automotive organizations. Back in the beginning of March, for instance, TechCrunch
reported that a parts manufacturer for both Tesla and SpaceX had confirmed a data breach after suffering an infection at the hands of DoppelPaymer ransomware. Less than two months later, a U.S. pharmaceutical company disclosed a ransomware incident in which attackers had encrypted its servers and stolen corporate and employee information, as noted by Infosecurity Magazine
Growing Collaboration in Defending OT Assets against IT Threats
Some of us might have written off 2020, but the incidents highlighted above clearly indicate that bad actors haven’t. It’s therefore important that information technology (IT) teams step up their work with OT personnel in defense of their organizations’ business critical assets. Increased collaboration between these personnel would have a long-term impact on OT security in general.
Fortunately, we’re already beginning to see this. Indeed, before the global outbreak of COVID-19, IT and OT were fragmented. A few mature organizations had built out formal processes in an effort to bridge the gaps separating their teams. But they were the exception, not the norm, and even in those environments, silos still existed. In response, it took organizations a great deal of time to evaluate their security with respect to asset inventory and other basics. IT-OT fragmentation stood in the way of these assessments moving more quickly.
But as with so many other things, COVID-19 served as an impetus for change. It demanded that organizations be more flexible in their ability to adapt to new challenges, to solve for remote access and to be more secure. Many organizations have met this challenge head-on; we’re seeing better security and stronger controls in an effort to monitor output quality.
Even more importantly, we’re seeing greater IT-OT collaboration. It’s no longer forced talks consisting of arguments over whose CIA Triad priorities matter more. Nowadays, the teams are coming together and approaching confidentiality, integrity and availability in a way where each of these pillars holds equal importance. This development points to more balanced and holistic digital security efforts in the years ahead.
Digital Transformation on the Rise
IT-OT collaboration isn’t the only force that’s increased in the wake of COVID-19. So too has digital transformation. Prior to the pandemic, a limited number of organizations had budgets to advance digital transformation. Users were intrigued about the promise of digital transformation for their organizations. This promise couldn’t lead anywhere in the absence of significant investment in new technologies and resources. And those budgets and impetus weren’t there.
This resistance especially held true for the cloud in particular. In the pre-pandemic days, many organizations hadn’t started their digital transformations with respect to the cloud. Migrating to the cloud held promise, but users just didn’t see a near-term need for the shift.
Fast forward to the pandemic, and the advantages of digital transformation became clear. Organizations who had made early investments in their own processes had succeeded in making their manufacturing capabilities more flexible. These entities could now use new data streams to make decisions about whether they could produce a higher-quality product, whether their manufacturing equipment needed repairs and/or whether they had the necessary solutions to protect their OT environments against malicious actors. Others saw that these early adopters were on to something, so they’re now working to get budget to start their own projects.
Looking ahead, it’s reasonable to expect that the rate of digital transformation will accelerate. The potential of digital transformation is now realized, after all. It’s no longer a strategic project, it’s a critical one.
As part of that process, organizations will increasingly see cybersecurity as an enabler of their own digital transformations. Businesses won’t be able to take advantage of digital transformation if they can’t become more secure. As alluded to above, digital transformation has fundamentally changed the ways in which organizations are gathering, communicating and using data. These new avenues open organizations and their OT environments to attack. In response, cybersecurity is the most critical investment that entities can make going into a post-COVID world.
More Thoughts on the Future of IT/OT and Digital Transformation
The thoughts I shared above represent a snapshot of the thoughts I shared during a recent Tripwire webinar. In that presentation, I had the pleasure of discussing the future of IT/OT collaboration and digital transformation with Gabe Authier, senior product manager at Tripwire, and Galina Antova, co-founder and chief business development officer of Claroty, a global OT security provider and Tripwire partner.
You can view the full presentation here: https://info.tripwire.com/Register-Downtime-Should-Never-Be-Unplanned/