IT, OT teams need to keep manufacturing systems running

Security professionals on the information technology (IT) and the operations technology (OT) sides of the house have to truly understand the main goal, which is keeping the manufacturer’s systems up and running at all times.
By Gregory Hale, ISSSource December 20, 2016

Security professionals on the information technology (IT) and the operations technology (OT) sides of the house have to not only be able to work together, they have to truly understand the main goal. That goal is keeping the manufacturer’s systems—from the IT enterprise to the OT processes—up and running at all times.

"You have to understand the business outcome," said Caglayan Arkan, general manager of Microsoft’s worldwide manufacturing and resources sector enterprise and partner group during a panel discussion at the Automation Perspectives conference at Rockwell Automation’s Automation Fair in Atlanta.

The panel, hosted by Sujeet Chand, senior vice president and chief technology officer at Rockwell Automation, featured major IT companies Microsoft and Cisco and a leading university focused on security, Georgia Tech.

"It is about humans working together," said Jeff Reed, senior vice president and general manager, Enterprise Infrastructure and Solutions, Cisco. "It is really about getting the teams together and ensuring security. IT and OT need to work together, and manufacturing needs to help bridge that divide."

In talking about IT and OT working together, Francis (Bo) Rotoloni, deputy director of research and principle research engineer for the Information and Cyber Sciences Directorate, Georgia Tech Research Institute, likened it to dogs and cats getting along. "You get to start them young and they get along well. Enterprise IT didn’t understand the OT side. You have to get the two groups together so they understand the packet that is going through does not brick the system. Now, they both understand they have a common enemy—and (that enemy) does not care what they do."

Attackers really don’t play by the rules, they don’t follow standards, but they know what they are. Instead, their goal is very single minded, they want to get into a system and they want to get in via the easiest method as possible.

"We monitor threat landscape on a daily basis," Rotoloni said. "Bad guys try to use the most basic attack, whatever is the easiest. As the devices get more hardened, they just get more sophisticated. Advanced persistent threats are more advanced and attackers are more sophisticated."

While some end users understand the security threat and are doing something about it, there are others, however, that are aware, but not moving forward with a security program. Either way, attackers will continue to probe and when the time is right jump in and take what they want. That is why as attacks ratchet up, manufacturers need to elevate their ability to monitor and adjust to what they are facing.

"There are more sophisticated ways to monitor security," Reed said. "Networks (can end up used to) identify behavior and use the network as a sensor."

Gregory Hale is the editor and founder of Industrial Safety and Security Source (ISSSource.com), a news and information Website covering safety and security issues in the manufacturing automation sector. This content originally appeared on ISSSource.com. Edited by Chris Vavra, production editor, CFE Media, Control Engineeringcvavra@cfemedia.com.

ONLINE extra

See additional stories from ISSSource about the IIoT linked below.