As IT and OT networks converge, CISOs need to be proactive in ensuring cybersecurity strategies take into account the risks associated with OT. Mirel Sehic, Global Director Cybersecurity, Honeywell Building Solutions, tells us how security teams can approach these risks and mitigate against them.
Digitisation technologies like Internet of Things (IoT), cloud and Artificial Intelligence (AI) are transforming organisations across every sector, driving greater operational efficiency, innovation and, at the heart of it all, creating new revenue opportunities.
But while these developments provide many benefits, they also create new challenges. In today’s hyper-connected, data-driven world, cybersecurity is a major concern as expanding digital networks widen the potential threat landscape.
This is particularly relevant when it comes to building management, where property owners, facilities management and organisations using a site all need to understand how connected technology affects overall cybersecurity posture. Failing to do so can have serious consequences. A data breach could result in significant financial implications for a business, while a prolonged outage of a building’s critical services could endanger the health and safety of people using it.
The cyberthreat to sites
Unfortunately, while a heightened awareness of cyberthreats has seen organisations double-down on IT security, the Operational Technology (OT) used in building control systems may be overlooked. Traditionally run as independent networks, OT may be out of sight for internal IT departments and not subjected to the same level of monitoring and maintenance hygiene as a result.
Today, separate OT and IT is no longer practical with the increased use of smart devices and connected building services. Even critical industries, which historically maintain an ‘air-gap’ between OT and IT to protect operations from online threats, are making the change as infrastructure is increasingly connected to enable Industry 4.0 functionality, like predictive maintenance and digital twin.
More generally, incorporating IT capabilities like analytics and IoT across OT environments has vastly improved productivity and efficiency for facility managers. Centralising multiple proprietary systems with connectivity and automation helps optimise building performance but also expands the possibility of attacks by increasing points of entry for malicious activity. After gaining unauthorised access to controls and security systems, common cybercrimes can include stealing data, destroying operational equipment and taking business-critical applications offline.
Cyber strategies for buildings
Whether an organisation owns a building or rents space in one, CISOs need to be proactive in ensuring cybersecurity strategies take into account the risks associated with OT.
Having an integrated strategy in place is important so when things don’t go to plan, there are policies in place that can be easily implemented. This begins with a programme of employee training and awareness, also ensuring that facility managers know which assets are most important to protect, the specific threats to those assets and the rules and controls required to protect them.
Developing, reviewing and maintaining procedures is of paramount importance. Key elements they should cover include guidelines for password requirements, the handling of sensitive data and the safe use of removable devices, to name a few. Ensuring employees are familiar with a set of clearly defined steps to handle a cyber incident could be the difference between disruption and disaster.
Further, gaps in responsibility between the building management, business function, IT department and technology partners are common, leading to gaps in an organisation’s defences. Addressing this requires clear delineation and education of roles and responsibilities across all stakeholders.
Performing a comprehensive risk assessment is essential to properly understand the scale of the challenge and what is required to address it. Reviewing the existing asset inventory means organisations can identify which are connected to networks, establishing a baseline for network traffic. This then pinpoints existing gaps and potential security vulnerabilities tied to the OT environment, supporting effective prescription of measures required to safeguard those assets.
Importance of experience and ongoing vigilance
An OT focused cybersecurity assessment should not be viewed as a one-off task. The accelerating pace of technological change means regular audits are required to ensure holistic risk mitigation, today and in the future.
OT and IT systems are continuing to converge, the 5G migration is underway and Industry 4.0 is still in the early stages of its development. As technology trends like these continue to evolve, cyberthreats adapt in response, as bad players look to exploit vulnerabilities that emerge. Both regular risk assessments and ongoing monitoring of network activity helps ensure that cybersecurity measures are always fit for purpose.
It is this kind of due diligence that delivers cybersecurity strategies that are both comprehensive and tailored to an organisation’s specific strengths and vulnerabilities. Choosing the right technology partner plays a big part here. Organisations need a partner with experience delivering an end-to-end cybersecurity service, as well as the capability to provide an always-on service. Further, any partner should be able to collaborate effectively with the facility team responsible for maintaining the OT environment.
Cybersecurity is a journey of continual improvement – standing still means falling behind. Effective technology partners, IT stakeholders and facilities management should ensure organisations are always evolving ahead of threats, deploying adaptive safeguarding and mitigation initiatives, proactively and reactively.
Integrated technologies and the intelligent networking of critical assets via IoT are increasingly determining the way we move around and interact with buildings. As OT and IT systems integrate, it is more essential than ever that organisations are aware of the risk across their OT environments and enhance security to improve overall cybersecurity resilience.
There are a few key stakeholder groups responsible for the effective upkeep of cybersecurity hygiene – from facilities managers to CIOs and the IT department, it is important we do more to promote effective communication and collaboration with the teams responsible for running their buildings.
Click below to share this article
