The Impact of IT-OT Convergence on ICS Security
Most people are familiar with the term “Information Technology” and commonly understand it in reference to computer information systems – particularly in terms of the storage, recovery, transmission and protection of data within software applications and computer hardware. OT, or “Operational Technology”, on the other hand, is a relatively uncommon term and less understood by anyone not directly familiar with operating or managing it.
What Is OT?
OT refers to hardware and software systems that monitor and control industrial equipment and processes that run critical infrastructure, utilities, electric grids, manufacturing plants and traffic control systems – to name just a few. The umbrella term comprises many specialized frameworks, such as process control domains, programmable logic controllers, distributed control systems, supervisory control and data acquisition (SCADA) systems, safety instrumented systems, and building management/automation systems that are often collectively referred to as Industrial Control Systems (ICS).
The Convergence of IT and OT
Historically, IT and OT were managed by separate organizational silos without any interdependence on one another. However, over the past decade, a slow yet steady paradigm shift has taken place.
OT systems are increasingly being provisioned with networking and computational technologies. The two worlds of IT and OT are converging, with groundwork being laid for Industrial IoT, or IIoT – a matrix of interconnected sensors, instruments and devices that collect and share data for use across many industries, such as manufacturing, oil and gas, transportation, energy/utilities, and others.
IIoT is set to play a key role in the fourth Industrial Revolution (4IR), with converged IT/OT ecosystems serving as the conduits through which IIoT is deployed into the 4IR ecosystem.
The merger of IT with OT is driven by the need to optimize the collection and exchange of data between machines, infrastructure assets and applications while interoperably scaling processes across physical and virtual systems. The integration promises numerous benefits: improved flow of information, process automation, advances in the management of distributed operations and better adherence to regulatory compliance.
Impact of Convergence on ICS Security
However, as the lines of distinction between IT and OT continue to fade, the attack surface of interconnected IT/OT systems continues to widen. The most common attack vector for hackers to infiltrate these systems is via the internet.
With the arrival of IIoT, every ICS sensor, instrument and device accessible over an IT/OT network is susceptible to weaponization with botnets that are used to launch targeted attacks on critical infrastructure, such as energy grids, power plants, water and waste management systems, food processing plants, and transportation networks.
The human-machine interfaces, or HMIs, that connect human operators to industrial control systems are also typically networked to various IT infrastructures. The accessibility of HMIs from internet-facing business networks poses a grave risk to ICS security, making HMIs susceptible to IP-based vulnerabilities, such as authentication bypass, weak session management, unsecured ICS communication protocols and insufficient encryption of control traffic.
Attackers typically infiltrate ICS systems with both generic malware and malware designed specifically to target and attack critical infrastructure. These infiltrations often result in denial-of-service, or DoS, attacks that paralyze or entirely halt industrial operations. ICS and connected IIoT devices are also high-value targets for hackers looking to collect ransoms or sabotage rival nations by gaining access to confidential data.
The following table provides a basic comparison between IT and OT systems from the point of view of connectivity and security requirements.
| | IT | OT |
|---|---|---|
| Connectivity Mechanisms | Via Telco, Wi-Fi | Via Telco, Radio, Satellite, Powerline Carrier, Wi-Fi |
| Security Priority | Data security with high confidentiality | Operational uptime with high availability, safety, and integrity |
| Security Standards | ISO-17799, 27001, NIST SP 800-53 | ISA99, NERC CIP 002-009, NIST SP 800-53, NIST SP 800-82 |
| Security Patching | Frequent | Slow to impossible |
| Cyber Forensics | Available | Limited, if any |
| Overall Impact from Security Breaches | Business impacts | Business impacts, process fluctuations, equipment damage, environmental release, personnel safety |
The dangerous aftereffects of security breaches on ICS are on a completely different scale from the standard breaches we are most mindful of. Think about the consequences of a cyberattack that causes the power grid of an entire city or region to go offline, or one that triggers an explosion in a nuclear power plant by disabling the safety systems designed to prevent a catastrophic accident, or another that causes sewage to route into the water distribution system of an urban area.
In summary, securing ICS is a massive priority because the repercussions of a security breach are potentially so disastrous. To learn about how Palo Alto Networks secures infrastructure across IT and OT networks, get a copy of our Security Reference Blueprint for ICS.