IT-OT Convergence Network Security
Reboot network security to enable digital transformation
SOURCE: CISCO
Digital transformation in manufacturing can deliver business value by improving operations and using innovative services. The greatest risk lies in the manufacturer’s ability to secure the production environment and the end-to-end connectivity between the plant and the cloud-based services and remote users.
SECURITY RISKS AND THREATS TO INDUSTRIAL environments have not abated in 2020 and into 2021, but have continued with vigor. The impact includes significant loss of production availability and effort expended to identify and respond to these compromises. These are not new challenges, but the pandemic and its effects certainly have not reduced or remedied the situation. As operations continue to drive further convergence with IT and OT, and look to improve operational efficiencies and productivity with new market trends and capabilities, such as cloud; they also need to consider a comprehensive multifaceted security approach at the core of the architecture. Security attacks and events are a board-level concern for most, if not all, major industrial operators, given the impact of lost revenue, costs and impact to reputation. Even before the drastic changes we saw in 2020, manufacturers were under pressure to improve operational efficiency through digital transformation. While investments in digital transformation pay dividends, they
54
also compound long-standing cybersecurity risks. When manufacturing operations are digitized and interconnected, there’s more potential exposure and a greater need for forward-looking protection. After all, a single cybersecurity incident can drive downtime and revenue loss, rack up operational expenses and damage a manufacturer’s reputation in the market. And yet, even as cybersecurity continues to remain a board-level concern, many manufacturers continue to address the risks with patchwork approaches. Security can’t be achieved with point solutions. It takes an end-to-end approach starting with the network in production. But it does not end there: as digital transformation requires the integration of production environments with cloud-based applications and resources. Yes, there are some excellent cybersecurity tools designed especially for operational technology (OT) environments. They promise to identify devices and their communication patterns, thereby surfacing cybersecurity risks. But these tools are only as effective
as the network they’re monitoring. Legacy networks often make it complex to gain the needed visibility and impossible to automate application and enforcement of security policies. And adding a cloud-perspective requires extending the cybersecurity envelope further. To enable secure digital transformation, manufacturers need to reboot production network security, embracing a concerted more integrated security strategy and extending those security capabilities beyond the four walls of the operation. This journey starts with the transformation of legacy production networks and introducing hardware and network components that fully enable and efficiently leverage available cybersecurity tools. Once the planning and design is complete, the next step is to deploy industrial cybersecurity to protect the production network. Digital transformation often introduces remote or cloud-based resources and applications, so the cybersecurity considerations must also include the extended
in d u s t r ial et h er ne t b o o k
06.2021
