Breaking the Cycle: Shifting from IT-Centric to OT-Specific Cybersecurity Approaches for Industrial Control Systems
Manufacturing Cybersecurity Requires a Different Approach
Cybersecurity in manufacturing environments presents unique challenges that cannot be addressed using traditional IT security practices. In a recent interview, Ejona Preçi, Group CISO at Lindal Group, highlighted the need for a distinct approach to securing operational technology (OT) systems.
Challenges of Securing OT Systems
Preçi noted that standard IT security measures often fail on the shop floor, where programmable logic controllers (PLCs) and decade-old firmware were not designed to be networked. This environment requires a focus on architecture rather than relying solely on patching and system hardening.
Nation-State Actors and Manufacturing Infrastructure
Nation-state actors have demonstrated a sustained interest in manufacturing infrastructure, seeking to gain a stealthy foothold within organizations. Their tactics involve using compromised workstations, stale accounts, and other low-and-slow persistence methods that can evade detection.
To counter these threats, security teams must prioritize network visibility, introduce secure access service edge (SASE) solutions, and monitor operational environments. However, patch management in OT environments is often complicated by the need to maintain production lines and avoid downtime.
Addressing Patch Management Challenges
Security-mature manufacturers address this challenge by aligning patching activities with vendors, scheduling maintenance windows, and implementing compensating controls such as network segmentation and strict access management.
The Risks of Artificial Intelligence in Manufacturing
The increasing use of artificial intelligence (AI) in manufacturing systems also introduces new attack surfaces. AI pipelines connecting IT and OT systems create potential entry points for threat actors, who can manipulate data to influence decisions. Securing these systems requires a focus on protecting data pipelines, model outputs, and sensors, as well as addressing the risks associated with AI-powered predictive maintenance and quality control.
Preçi emphasized the importance of managing risk in a smart way, without disrupting business operations. This requires a balanced approach to monitoring and visibility, focusing on meaningful data that reveals real risks rather than collecting every possible data point.
Conclusion
Ultimately, securing OT environments demands a distinct approach that acknowledges the unique challenges and constraints of manufacturing systems. By prioritizing architecture, network visibility, and smart risk management, organizations can better protect themselves against the evolving threats in this critical sector.
