Companies were required to review their business and get used to the fact that in the near future fewer employees would be working from the office – they have become home workers. This, coupled with new security concerns, put the IT’s under pressure. At the same time, the effects on safeguarding the OT security were enormous.
In the lockdown, for example, it became necessary to slow down production lines or even stop them because the workers could not come into the plant. But unlike in an IT environment, where it is comparatively easy to change a software or switch off a device – even remotely, the reality of OT does not allow a chemical phase or an assembly line to be simply stopped. Certain networks, such as blast furnaces or steam boilers, are prepared for continuous activities and thus it is practically impossible to switch them off. In many cases, an emergency shift must be ready so that the systems can be operated. In more and more cases, operators are trying to check production remotely, although the networks are actually not prepared for this.
One of the most important lessons learned from the pandemic is that disruptive changes can happen at any time. Even if we cannot predict which incidents will hit us, we have to assume that they are imminent. Or act like they’re already there.
OT Is The Focus Of The Hackers
OT security operations ran on non routable processes. As a result, security was more or less limited to protection. Securing the OT from IT, the so-called air gap, made it easy to ignore the cybersecurity aspects that were causing the biggest headaches in corporate systems. As a result, many companies gave cybersecurity low priority or even ignored it completely.
IT and OT Are Growing Together
In the past ten years, more and more OT networks have been converted with IP. But it’s not just the rules that are changing. As networks grow together with the IT, the air gap has disappeared. However, IT and OT systems are inevitably converging today as more and more data is exchanged between them. OT and IT systems can still be separated, but physically they are no longer. In addition, the large increase of OT generates a flood of information that must be checked by the applications in the enterprise zone.