Operational Technology (OT) is not new. It can trace its roots to the early 1800s, when Joseph-Marie Jacquard developed and patented an attachment, programmed by punch cards, that automated the loom. This invention heralded the Industrial Revolution in Europe. With this device automating the cloth weaving process, complex patterns could be woven with very little human interaction. The invention played an important role in the advancement of the textile industry and in the later development of operational computers.
IT and OT
Information Technology (IT) uses computers, storage and networking devices to create, process, store and exchange data, and these systems are typically networked with other systems. Networking allows remote access to information from anywhere. The convenience of remote access, however, is also a vulnerability often exploited by hackers looking to profit from stolen data such as personal, financial and health information.
Operational Technology is the use of computers to control physical systems such as manufacturing operations or control systems. Historically, OT systems have been closed systems. The computer controls the actions of a machine or a valve and has no need to interface with other computers or devices outside the immediate environment. Some examples of OT systems include factories, power plants, water treatment plants and oil refineries. These systems are not open to the world and their Operating Systems (OS) are unique to the task at hand.
OT systems can be found in all areas of our modern-day, highly automated existence. The clothes we buy, the water we drink, the trains on which we commute and the electricity that powers our homes are all, at some point, controlled by OT systems. This is why OT security is so critical to our daily lives.
OT/IT Integration
The Internet of Things changed the nature of Operational Technologies, ushering in a brave new world of IT/OT integration. It makes sense to use IT Operating Systems (OS) to control the physical plant as well as to manage information. Why “reinvent the wheel” by creating separate infrastructures when a single OS can manage both? However, danger goes hand in hand with the efficiency of OT/IT integration. Unifying disparate data systems makes previously closed OT control systems more vulnerable than ever to attack.
According to a survey by security firm Dragos, 58% of respondents noted that their OT systems were vulnerable to malicious attack. Approximately the same number revealed that they had been breached within the last 24 months. It is, therefore, critical that organizations use monitoring technologies to gain complete and accurate visibility into the information traversing the links of integrated IT/OT systems. Preventing catastrophic breaches that can disrupt plant operations, shut down electric grids or sabotage oil refining is now more important than ever.
Connecting IT/OT Security Tools
Fortunately, the same security tools that have been used in IT systems to provide traffic visibility and block malicious traffic can also be used in integrated IT/OT networks.
Network TAPs from Network Critical are used to connect a wide variety of monitoring and security tools to links. The TAPs connect to links and create a mirror copy of live traffic that is then sent to another device for analysis. In some cases the analysis device can be connected in-line to immediately block malicious traffic before damage can be done.
Network TAPs are invisible to the network. They do not have a MAC or IP address and, therefore, are not able to be hacked. One cannot hack what one cannot see.
TAPs can provide real time threat protection by connecting tools that can utilize new technologies such as AI to predict and block attacks.
TAPs can help security tools operate with maximum efficiency by aggregating and filtering traffic, thus reducing processing overhead.
TAPs are scalable. They can grow as the network grows in speed and bandwidth requirements without compromising performance.
TAPs are independent of other network equipment, allowing changes without disruption to the network. They also have fail-safe technology to continue passing live traffic even if power to the unit is lost.