Rapid digital transformation of operational technology in the utility sectors is both significantly expanding business potential and increasing cybersecurity risks. We all know this.
Malicious actors pursue valuable targets in upstream, midstream and downstream operations for a variety of reasons, including personal profit, industrial espionage and economic disruption. Industry executive leaders are challenged to maintain security and compliance while also maximizing productivity…in other words, balancing operational efficiency with security.
So how can they achieve both of these seemingly contradictory goals? Let’s take a look…
The expanding cyber-threat landscape
Electric utilities worldwide confront multiple operational risks and challenges in maintaining system reliability, security and compliance. As these utilities develop security-control strategies to manage the risks of cyber and physical attacks, they need to consider people, processes and technology. Email is one of the biggest cyber-risks OT organizations are facing, along with IoT devices, mobile devices, the cloud and the IIoT.
Third-party risks are another major component, as many of these risks extend to supply line organizations. The risks need to be addressed with multiple organizations working together toward the common goals of security and compliance. Take, for example, electric utilities. There is a diverse ecosystem that interacts with electric utilities to perform capital projects as well as the operating and maintenance tasks of ensuring reliability across the electric system. This includes suppliers of parts and services, construction crews, contractors, consultants, physical-security protection professionals, automation controls systems engineers and cybersecurity vendors.
The balancing act: Staying secure while being efficient
Security and compliance in complex systems like this can seem expensive—but not having the right controls in place can be more costly, both in terms of finances and efficiency. Organizations often deploy many point security products that are not integrated as they attempt to fill in their network gaps. The resulting security silos create complexity and muddy visibility, which delays threat detection, prevention and response.
These silos create an additional burden for the IT security team due to operational inefficiencies. Without end-to-end integration of all security elements, automation of security processes is impossible, and many security workflows must be managed manually. Highly paid security engineers end up devoting significant time to correlating logs from different security tools and manually preparing reports.
Because of architectural silos, utilities suffer from redundancies in application management, as well as in software and hardware licensing. This decreases the efficiency of the teams in legal, procurement and finance that manage those licenses. Organizations may also find that their technology spend is higher because of the use of multiple vendors and overlapping features in different products that a company might own.
Integrated for security
These issues illustrate why an integrated, efficient approach to security is critical.
Change brings challenge. Rapid digitalization of mission-critical operational technology brings the challenge of a vastly expanded threat landscape. The loss of the air-gap in OT means greater cyber-risk than utilities have ever faced. By creating an integrated security strategy, IT teams will have the visibility they need to keep their utility protected, compliant and efficient.
Rick Peters is Fortinet’s CISO for operational technology, North America.