Cyber Security in the Industry sector: Connecting OT with IT
Cyber Security in the Industry sector: Connecting OT with IT is key for value creation
True industrial digitalisation is only enabled by understanding how to combine Operational Technology (OT) and Information Technology (IT), to create high quality, secure and resilient production. But without a well-thought-out strategy regarding Cyber Security, the risk increases that cyber-attacks will sooner or later occur.
In recent years, we have seen a number of examples of what cyber-attacks can lead to. The most infamous to date is NotPetya, a targeted cyber-attack on Ukrainian business interests, but led quickly to the worldwide exclusion of a number of large companies' operations such as; Mearsk, Merck, Sutter Hospitals and Mondolez. In fact, only in Sweden the number of ransomware attacks increased by 250 percent in the last three months, compared with the first half of the year, according to security researchers at Check Point.
The rapid digitalisation and technological development will continue to transform the industrial processes, and the wide trend for pervasive connectivity has driven a convergence between OT and IT systems. This has dramatically changed the cyber security requirements, resulting in the need for a reliable architecture that takes care of the overall security from design. Another big future challenge is the potential hazards and risk when IT-security faces safety of machinery.
Because, when the different systems connect, we can no longer rely on the security of each individual system.
Understanding of both OT and IT environments
“Without a well-thought-out strategy regarding cyber security within OT and IT, the risk increases that cyber-attacks will sooner or later occur. But above all, a lack of strategy can lead to challenges in detecting infringement and delimiting damage and its consequences, as well as challenges in returning to stable production”, says Martin Hagelthorn, Advanced Automation at AFRY.
Good knowledge of one's own facility and the information it manages is key. This means that the right tools, methods and routines are implemented in the right places and that they are used in a way that allows you to detect intrusion attempts, delimit and counteract intrusion and come back after being subjected to an intrusion.
Do you know how to get there?
“In other words, for a production to remain resilient and high qualitative, you need a strategy and process that involves both technical measures in the IT/OT systems combined with organisational measures”, says Filip Enander, Systems Management at AFRY.
As an example, AFRY recently got the task to support a Swedish government agency that is responsible for state own infrastructural plants and systems. This involved doing a risk and vulnerability analysis (OT+IT) and a system architecture analysis.
Through implementation of tools, routines and methods combined with continuity plans and disaster recovery plans for specific plants, the agency can secure that infrastructural plants and assets are accessible and works as they are supposed to. This also minimises the risk of cyber-attacks influencing the system or plant’s stability or increase risk of accidents or loss of life.
AFRY implements digital industrial solutions in a manner that increases a plant’s security not only regarding IT, but by combining OT and IT with production.
And, when it comes to the aspects of safety, AFRY is an active partner in developing the ISO standard (ISO/TR 22100-4) that will shape how the IT-security aspects can influence safety of machinery. This work is in line with the new future revision of the Machinery Directive that will address risks stemming from new technologies such as AI, software or collaborative robots.
“In summary, a key is to combine standardised methods with best practice in order to adapt the solutions for the specific business. However, this can't be made without understanding for the specific needs of the business”, Filip Enander concludes.