Technology Basics

What is OT Security?

Operational Technology Security explained and explored

Industrial cybersecurity has developed into a board-level topic. Security is becoming a priority in industrial IT and Operational Technology (OT) as connectivity to external networks grows and attacks on Operational Technology increase. Many companies are still not aware of the threats that cyberattacks pose to their OT assets. Moreover, their cybersecurity measures are usually not tailored to operational technology.

As the segregated worlds of Information Technology and Operational Technology rapidly converge, organizations are facing critical questions about their security investments in regard to Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems.

What is OT Security?

OT Security is the full stack of hardware and software being used to monitor, detect and control changes to devices, processes and events. OT Security is commonly used to protect Industrial Systems and networks from attacks. Operational Technology Security is used to protect and control critical infrastructures such as power stations, transportation networks and smart city appliances.

SCADA and ICS explained

Related to OT Security are SCADA network security and Industrial Control Systems (ICS). SCADA security is the practice of protecting supervisory control and data acquisition networks, a framework of control systems used in industrial operations.

Industrial Control Systems are typically mission-critical applications with a high-availability requirement. They comprise systems that are used to control and monitor industrial processes. Examples of ICS are power consumption on electricity grids, alarms from building information systems, or oil refinery cracking towers.

Industrial IoT (IIoT) and Operational Technology Security challenges

With industrial systems becoming more connected, they are also being exposed to more vulnerabilities. The transition from closed to open systems, also known as the IT-OT convergence, generates new security risks that need to be addressed.

Key factors for organizations looking to protect their industrial networks are the high cost of industrial equipment and the devastation to communities and economies that an attack could generate. In a worst-case scenario, a breach or incident could even mean casualties.

IT trends and innovations associated with the digital transformation affect the OT/ICS area. Industrial IoT (IIoT), for example, leads to a higher degree of connectivity to the 'outside world'. As this connectivity increases, so do operational security risks. The sub-segments of Industrial IoT are all critical for OT/ICS systems. The most relevant sub-segments for OT/ICS are smart energy, smart transportation, Industry 4.0, smart metering and smart cities. These segments are all interconnected to various degrees.

Ideally, IT-OT convergence gives organizations a single view of industrial systems, together with process management solutions that ensure accurate information is delivered to people, switches, machines, sensors and devices in the best format.

Harmonizing the way IT and OT systems work together increases efficiency. Industrial systems can be remotely monitored and managed. The security benefits for organizations are the same as those used on administrative IT systems.

Why is OT Security Important?

Securing industrial networks can be done without disrupting operations or risking non-compliance. Solutions that provide complete visibility of network control traffic, combined with the right security policies, put an effective OT Security strategy in place, protecting processes, people and profit while significantly reducing security vulnerabilities and incidents.

Securing Industrial Networks

Traffic volumes in industrial environments are usually lower than in IT environments. This is an advantage: much of the traffic travels between predetermined endpoints and can therefore be baselined and inventoried more easily than traffic generated on an IT network. Monitoring and analysis tools help to identify and protect against unauthorized changes and other anomalies that could signal an attack in full progress or in its initial stages.
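The baselining idea above, sketched as an added example (not from the original article or from any vendor product): flows seen repeatedly during a learning window become the baseline and asset inventory, and later flows are classified by how they deviate. The flow records, addresses and the `min_count` threshold are constructed assumptions.

```python
from collections import Counter

# Constructed flow records (src, dst, proto, dst_port); all addresses are made up.
LEARNING = [
    ("10.10.1.5", "10.10.2.20", "tcp", 502),    # HMI -> PLC, Modbus/TCP
    ("10.10.1.5", "10.10.2.21", "tcp", 502),    # HMI -> second PLC
    ("10.10.1.9", "10.10.2.20", "tcp", 44818),  # engineering station -> PLC, EtherNet/IP
] * 20
OBSERVED = [
    ("10.10.1.5", "10.10.2.20", "tcp", 502),    # matches the baseline
    ("10.10.1.5", "10.10.2.20", "tcp", 23),     # known pair, service never seen before
    ("10.10.1.9", "10.10.2.21", "tcp", 44818),  # known hosts that never talked before
    ("10.10.3.77", "10.10.2.20", "tcp", 502),   # source host not in the inventory
]


def build_baseline(flows, min_count=5):
    """Keep flows seen at least min_count times, so one-off noise is not learned."""
    counts = Counter(flows)
    allowed = {f for f, n in counts.items() if n >= min_count}
    inventory = {h for src, dst, _, _ in allowed for h in (src, dst)}
    pairs = {(src, dst) for src, dst, _, _ in allowed}
    return allowed, inventory, pairs


def classify(flow, baseline):
    """Return why a flow deviates from the baseline, or 'baseline' if it does not."""
    allowed, inventory, pairs = baseline
    src, dst, _, _ = flow
    if flow in allowed:
        return "baseline"
    if src not in inventory or dst not in inventory:
        return "unknown-endpoint"
    if (src, dst) not in pairs:
        return "new-conversation"
    return "new-service"


def review(observed, baseline):
    """Return (flow, verdict) for every observed flow that is not in the baseline."""
    return [(f, v) for f in observed if (v := classify(f, baseline)) != "baseline"]


if __name__ == "__main__":
    for flow, verdict in review(OBSERVED, build_baseline(LEARNING)):
        print(verdict, flow)
```

Because OT conversations are so repetitive, even this exact-match approach produces few alerts; on an IT network the same logic would flag far more legitimate traffic.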

Well-known solutions for Operational Technology security are Forcepoint's Next Generation Firewall (NGFW) and Fortinet's FortiGate NGFW. Features include SCADA-aware functionality, zone access control, and centralized management, logging and reporting. Both offer policy-driven, centralized management and put users in control of their industrial environment. Whether there is a need to analyze thousands of endpoints or a smaller network, they can be configured on the fly to find unexpected or unauthorized traffic and other potential indicators of compromise on industrial systems.

Learn more about Industrial Control Systems and OT security in Fortinet's guide to securing Industrial Control Systems
