In the second part of this blog series Killian O’Leary, Partner with Barden’s IT Practice, takes a closer look at operational technology (OT) and digital transformation.
OT & Digital Transformation
There are so many companies with older embedded industrial technologies who are now adopting new technologies and moving things through the cloud.
We are talking here about inherited legacy systems running like the ‘green font on a black screen’ (the backbone of many infrastructure systems) e.g. electric utilities, manufacturing etc..
It’s now time for companies to do more with less, to optimise their environments but also to secure these environments. Hence digital transformation becomes a much-heard term.
Businesses are looking at new technologies, new ways of doing things to achieve more connectivity across their various site locations.
Data analytics can also help optimise those environments…essentially more automation less manual input! This has the result of making those environments more visible to the outside world, and in turn making them more vulnerable.
The frequency, sophistication, and severity of these threats is well known. The new and dangerous threats to OT and critical infrastructure require an innovative defensive strategy. With digital transformation implemented, and the convergence of IT and OT networks, many organisations are not ready for the attacks and threats they are facing.
It could be said that having knowledge of breaches is discouraging some organisations from upgrading their ‘Operational Technology’ systems with productivity-enhancing digital technology.
Therefore, investment in ‘Digital Technology’ is still inconsistent across organisations.
A broader attacking surface…
As OT becomes increasingly transformed digitally, connecting computer networks to systems such as conveyor belts, heating and cooling systems, and moulding machines, introduces more security risks. This can create the ‘perfect storm’ for hackers.
It’s important to understand that many devices and networks were not built with security in mind and they rely on legacy technology requiring manual effort and human interaction to detect and mitigate cyber threats, resulting in down-times or creating other unwanted consequences.
In the quest for higher operational efficiency, many organisations are running industrial control systems (ICS’s) over IP-based IT networks, outsourcing support to third parties and allowing remote connectivity. Although the convergence of IT and OT improves efficiency across operations, it eliminates the traditional gap between the two realms. The result is a broader attack surface, exposing OT to a multitude of DDoS attacks and other cyber-risks.
Together, these two forces have created new vulnerabilities that must be addressed, and organisations need to be consciously aware of both the business value and the associated risk. This strengthens the case for OT Security, which I’ll take a closer look at in the next blog in this series.
To view the first blog in this series click the link below….
Having worked and trained with a number of international businesses, Killian moved into recruitment in 2011 and has held a number of leadership roles, both locally and nationally, since. Killian is a founding member of Barden’s IT recruitment practice, is a subject matter expert in Cyber Security (Cloud, Network, Infra, O/t) & Senior Tech careers, is a qualified and active career coach and advises CIOs and tech leadership teams on attracting and retaining world class talent. Get in touch with Killian at firstname.lastname@example.org.