800-999-7378

    technically speaking 2

    In this industrial blog, learn how to make your technology systems work for you. Become faster, smarter, competitive, and cost-effective in today's rapidly changing marketplace by learning from our experts' collective experience. Bookmark our page (or better yet, subscribe) because we post new articles every Thursday!

    OT Cybersecurity: A Complete Beginner's Guide

    Graham Zimmerman
    Posted by Graham Zimmerman on Oct 7, 2021 1:54:21 PM

    Don't let the topic of cybersecurity scare you, even during spooky season 🎃. October is National Cybersecurity Awareness Month, the perfect time to learn the basics of OT cybersecurity and #BeCyberSmart. Keep reading this beginner-friendly blog to learn the basics of OT cybersecurity and remote connectivity so you can stay empowered and protected against cyber threats. 

    Join our FREE Online Training: Industrial Cybersecurity 101

     

     

    Jump To Section: 
    Learning the basics (IT vs. OT) | How to Approach Cybersecurity | Using Layered Defense | Control What You Can, Manage What You Can’t | Get Elite Cybersecurity Support


    What is OT Cybersucirity?

    Let's start by clarifying the distinction between IT technology and OT technology.


    Information Technology (IT):     Refers to anything related to computing technology, such as networking, hardware, software, the internet, or the people/departments that work with these technologies.

    Operational Technology (OT): Refers to anything that monitors and manages industrial process assets and manufacturing/industrial equipment. 


    Interesting Fact:     OT has been around for much longer than IT technology, as it's been around ever since humans began using electricity to power tools for production and agriculture.

    Blurred Lines


    blurryInformation technology (IT) and operational technology (OT) are now more intertwined than ever before. For instance, certain components in control cabinets are essential to operations but also communicate information over Ethernet, making them IT.

    As machines and systems become more networked and cloud-integrated, the lines continue to become blurred, and the issues IT departments face with protecting the office networks from cyber attacks, become similar issues faced on the machine shop floor.

    Differing Security Requirements


    Although IT and OT technologies are becoming increasingly intertwined, the departments that implement them often have separate needs and priorities. For instance, OT prioritizes machine safety, efficiency, and preventing downtime, while IT focuses on systems and procedures to protect against cyber security breaches or attacks.

    CIAThe graphic above shows additional distinctions between the realms of IT and OT. For example, performing a hard restart is often more catastrophic for OT applications, while IT commonly uses restarts. Short bursts of system downtime are also less tolerable in OT.

    IT & OT: Teamwork Makes the Dream Work!


    When bringing IT technology into the world of OT, the best way to ensure cyber safety is by involving your IT team to help to create overall safe industrial networks.     IT & OT network teams must work and communicate together to build a comprehensive, secure industrial network - there's no way around it!

    Here are two tips to facilitate IT & OT team collaboration:

    1. Connect. Begin a relationship between your OT & IT teams. Workshops, field visits, and one-on-one conversations can go a long way.

    2. Understand. Learn each team's security goals. Where do they differ, and where do they connect? How can your departments help one another accomplish these goals?


    Merging the two teams will help your networks be more secure and lead to less opportunity for cyber security threats or attacks. 

     

    Top Three Approaches to OT Cybersecurity 

    There are many ways to approach industrial cybersecurity. How do you know where to start?

    Here are three tried-and-true procedures to tackle cybersecurity:

    1. Holistic Security ApproachHolistic Approach


    This approach asks OEMs, integrators, and machine end-users to look at the “big picture.” The holistic security approach highlights company assets and how your cybersecurity efforts apply to them. The three categories of company assets you want to highlight are technologies, persons, and processes. With this approach, outlining all of your security assets makes sure they effectively work together, not against one another. 

    2. Utilizing Cybersecurity Standards


    Another way to approach cybersecurity is by following industrial cybersecurity standards. These standards include IEC 62443, NERC CIP, NIST CSF, CIS CSC 20, ISO 27000 series, etc. According to the SANS ICS Security Survey, the NIST CSF remains the dominant framework in use. However, asset owners usually combine the different frameworks to develop a company-specific Security Policy. Additionally, regional, and industry regulatory requirements are additional focus points for the IT and OT security teams.  

    3. Defense-in-Depth


    Defense-in-depth, also called a castle approach, is a concept in which multiple layers of security controls (protection) are placed around your critical assets and throughout an IT system. For example, implementing a firewall in an ICS network is a small step toward securing an OT network. However, with this approach alone, complete cybersecurity protection isn’t guaranteed.

     

    Use a Layered Defense

    In addition to the methodologies above, another best practice is the layered defense strategy, which uses different components to protect operations with multiple layers of security. This approach isolates different layers depending on the networks you are running. For example, the type of layers in this defense strategy might include IT network, industrial network security, control networks, physical security, device security, and critical assets.

    This approach is considered a cybersecurity best practice because it separates IT and OT networks, reducing risk and mitigating damages. Additionally, if one layer goes down, you can use this approach to isolate those processes and assess the threat while running operations, preventing downtime and saving money.

    The layered defense strategy is as good as it gets; however, it can’t be replicated overnight. In fact, it sometimes takes two to three years to create a fully functional layered defense strategy. So what can you do right now to help protect yourself from cyber threats? Control what you can!
     

    Control What You Can, Manage What You Can’t. 

    To help protect yourself against cyber threats right now, control what you can by implementing physical security, Ensure secure facility access, cabinet locking, port disabling, and managed ethernet switches with advanced security features. Secure Wifi SSID and use strong encryption and password management. Implement firewalls for authorized users and traffic on the Industrial Control network.

    Finally, use SECURE remote connectivity for remote service of a machine. Teamviewer is NOT secure for industrial applications!

    TeamViewer_Logo_512x512If you're not familiar with Teamviewer, it's software that allows remote control, desktop sharing, and online meetings. While it's user-friendly and convenient, it's much less secure than a VPN with authentication and encryption.

    Although VPNs may not be as easy to use as the application TeamViewer, the data and content sent through these VPN channels are safe from corruption in transit.

    Additionally, IPsec VPNs are highly secure, encrypted, and extremely helpful when preventing cybersecurity threats. 

     

    For further explanation on cybersecurity best practices, watch our free online training: Cybersecurity & Remote Connectivity Basics

    cybersecurity thumbWatch our On-Demand Webinar

    Technology to check out for secure remote connectivity:

    mguard2If you need an easy and secure VPN system for your machines, I highly recommend checking out the mGuard by Phoenix Contact. Start by reading our blog post about it:

    FL mGuard by Phoenix Contact | How to Establish & Secure a Remote Network

     

    We're here for cybersecurity support

    Airline Hydraulics is an Elite Distributor for Phoenix Contact, providing many solutions for secure remote connectivity. Contact our product experts and shop Phoenix Contact mGuard and secure cloud services on Airline’s website with access to real-time availability from Airline or factory stock, pricing documentation, accessory items, and more.

    Tools & Resources 


    Contact Us! 

    Ask your Airline Rep. or contact us for assistance with ordering or customizing an order. 

    • 800-999-7378

     

    Topics: Automation, IoT, Explainers, Phoenix Contact

    Leave Comment

    Subscribe to Our Blog

    Most Recent

    Post By Topic

    See all
    © 2024 Airline Hydraulics Corp.