IT/OT Convergence And The Art Of Misdirecting Threat Actors

IT/OT convergence has garnered significant attention for some time now, but the benefits of converging cyber and physical assets cannot be overstated. Bridging the gap between information technology (IT) and operational technology (OT) has enabled organisations to anticipate disruption, democratising data access, simplifying processes, and increasing scalability.

Unfortunately, there are also emerging risks that organisations must be wary of. In a recent survey by Fortinet, all Malaysian respondents reported at least one cyber attack in 2022. Phishing emails, malware, and insider breaches were the most common forms of attack, with 59% saying these threats impacted processes and productivity. Oversight is another issue for Malaysian companies. Only 12% of the companies surveyed said they have centralised visibility of their OT activities.

This could pose challenges for Malaysia’s digital transformation objectives. Indeed, the Malaysia Cybersecurity Strategy 2020-2024 cites figures that estimate losses from attacks on critical infrastructure, which depends on OT systems, at up to RM51 billion.

Amid these threats, cybersecurity cannot stop at just trying to keep threats out, but must also include responding swiftly to suspected breaches. The key, then, lies with diverting cyber criminals away from the organisations’ true assets.

OT’s Limited Field of Vision

Securing OT environments begins with recognising that industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems are fraught with the problems that characterise legacy technology. A key issue is that ICS and SCADA both add to the complexity, and their incompatibility with IT environments puts the brakes on building a holistic security infrastructure. Ultimately, this leaves security with a vastly limited field of vision and creates gaps that can be exploited.

Further exacerbating this are the inadequate built-in security controls of legacy systems, which give rise to unpatched or unmonitored devices. Although some of these devices can be patched, doing so is ultimately costly in terms of time and money. Truly securing critical infrastructure hinges on implementing broad, integrated, and automated protection across the entire digital attack surface, while collaboration with cybersecurity experts should also be on the agenda.

The Reality of OT Security Challenges

With OT environments closer to IT than ever before, they are no longer as safe as they once were. IT threats like EKANS ransomware, targeted OT attacks like Stuxnet, and lateral movement attacks now lie in wait, ready to pounce. Worse still, zero-day threats are also on the rise and can’t be patched on legacy OT systems.

Legacy systems also require significant downtime and leave security approaches disjointed when organisations try to implement threat mitigation. At the same time, this not only leaves organisations vulnerable to malicious actors, but also at risk of punitive measures from regulators.

Proposed workarounds include attempting to apply IT-based security solutions to OT, but this ignores the fundamental differences between IT and OT.

Instead, what is needed is a comprehensive approach that is tailored to the unique challenges and vulnerabilities that come about from the IT/OT convergence. In fact, it is arguably the only way to mitigate the risk of breaches and stay one step ahead of increasingly sophisticated threats.

Enhancing OT Security with the Power of Deception

Making active defence security a key element of operations is more vital than ever. This is where deception comes in, enabling organisations to set up traps that divert attackers towards fake data and credentials so as to protect the enterprise’s real assets.

Deception technology also ensures broad coverage and automated protection, allowing organisations to detect threats early and respond swiftly. Deception-based technology is also unintrusive and can be implemented without disrupting OT operations. 

Simply put, leveraging the power of deception technology enables organisations to remain one step ahead of threat actors without being bogged down by the complexities of OT security.

Integrated Security: The Key to Protecting your OT Environment

The fact is, not all security solutions are made equal, especially when it comes to OT systems. Effective measures that safeguard both OT and IT environments may seem out of reach, but solutions that are simple to use, unintrusive, and provide advanced threat detection and incident response are readily available.

Tools that offer fabricated deception networks are already trailblazing integrated security through a centrally managed distributed deployment. At the same time, these solutions also offer state-of-the-art automated deployment of decoy assets, enticing attackers to engage long enough for IT to capture vital data and thwart attacks.

The real clincher is the fact that this is all attainable without overhauling the business’ entire infrastructure or disrupting SCADA/ICS operations. Don’t let security complexities hold you back. Embrace integrated security and protect your OT environment with confidence.

By Dickson Woo, Country Manager of Malaysia, Fortinet
