A Historical Perspective on IT & OT Convergence
Hello IIoT World readers, and thanks for engaging with my column. Over the course of the next few months, I plan to write on a number of topics that are, individually, highly relevant to the IIoT Security realm. Perhaps more importantly, many of these topics can be viewed as being all inter-related in a way that describes some of the things we have all seen and witnessed over the last 3, 5 or even 10 years.
As we move through the progression of topics, I am undoubtedly going to say a few things that will shake things up a bit, but that’s ok. It’s ok because what I’m going to share is something that needs to be discussed, debated, and (assuming it works out that way) hopefully implemented. Plus, anyone who knows me well knows that I am not a fan of the status quo. I’m always looking for ways to innovate, and to do things better.
I decided to start the series by looking back at the discussions around IT / OT Convergence and Integration and how this ties to IIoT Security. We’ve all seen and heard about the upcoming IT and OT Convergence. I’ve heard this topic discussed and debated at various conferences and inside of magazines and books for a decade. I have to admit that I’ve continually scratched my head and wondered, how can it be that the same IT/OT convergence that was discussed 10 years ago is still a topic of conversation?!? Why hasn’t that happened already?!?
To be fair, we are talking about integrating two groups that could not be more diametrically opposed. Change like that surely takes time. But for now, let’s just suffice it to say that over the past 10 years, the level of interaction between IT and OT could still be accomplished in a somewhat predisposed and comfortable way. Why? Because the foundational goal of ICS/SCADA, or IIoT, during that timeline was to simply achieve connectivity. Instead of more air gapped systems, companies began to see the benefits of become digital, connecting their OT environment to enable a newfound free flow of data capable identifying ways to improve operations, optimize system or workforce efficiencies, and more. For this level of integration, arguably all that was really needed was for the Operations team to continue doing what they do, which is delivering rock solid product or production while keeping everyone safe. ITs role was primarily to provide the boundary connections into and out of the OT environment. Not a lot of deep integration required.
So, what’s changed? For one, the world has changed. For roughly the last decade, we’ve seen a steady stream of ICS/SCADA attacks. It all started with Stuxnet, then BlackEnergy, Havex, Irongate, WannaCry, Petya, Not Petya, and Industroyer/CrashOverride. What’s more alarming is that the last four in that list happened in just the first 6 months of 2017! There can be no doubt that the threat landscape is ever changing and increasing. Security Intelligence put out a report at the end of 2016 that found there was a 110% increase in the ICS/SCADA attacks from 2016 to 2017… but, that was before the aforementioned four serious attacks in 2017.
So, if we come back to this notion of IT/OT integration or convergence, or whatever your respective organization calls it… what does that mean? Somewhere along the road of gaining connectivity, organizations began to realize that simply providing connectivity to the IIoT is not good enough. Given that these networks are literally the most critically important networks that exists, for customers, for partners, and for the companies themselves… it turns out that what they need is secure connectivity! I know, it’s a novel idea, isn’t it? More about converged networks.
What this means to IT/OT convergence is that securing the IIoT means that IT and OT truly have to work together like never before. It’s highly likely that many years from now, historians will see IIoT Security as the foundational requirement that forced the two groups to finally come together, to understand more about what each other does, and why that is relevant to the overall goal of increased production and safety, while keeping threats at bay.
There are much more serious issues at play here, and I look forward to sharing more on those in the coming weeks. In my next article, I’ll share insights on the serious problems that exists in a very high percentage of industrial environments today as a direct result of people doing what they are most familiar versus fundamentally looking at the problem and how to solve it, which may involve new and innovative approaches.
Matt Morris is Vice President of Strategy, Product Management & Marketing for NexDefense, where he focuses on disruption and innovation for industrial IoT and cyber security, and defines future strategic development and investment initiatives. Matt has more than 20 years of experience in strategy, product and technology leadership spanning start-ups, multi-national and global organizations.