Operational Technology, in particular, has been in the limelight of late, as the impact of cyber threat has the potential to cause disruption to the nation’s sector, economy and deny citizen’s basic access to services. However, the ROI of industrial cybersecurity extends far beyond its role as a necessary line of defence. By assembling greater insights into and control over the OT infrastructure, organisations can realise improved operational efficiencies without introducing new attack vectors. Here are some specific considerations to keep in mind when building a case for OT security:
1. Integration with existing security solutions
Any worthwhile OT security solution should integrate with existing deployed IT security solutions such as Next-Generation Firewalls (NGFWs), Security Information and Events Management (SIEM) and diode-based firewalls.
The reason for this is to not only accomplish the recommended layered security approach across IT and OT operations but to further demonstrate the value of previous security investments in conjunction with the new proposed OT security product in question.
2. Investment in cybersecurity yields dividends
Defending against cyber risks can be costly, but not adequately preparing for cyber threats can be far higher. This is before even considering the cost related to shaken shareholder confidence and long-term damage to a brand if a breach does occur. In fact, The Morrison Government estimates cybersecurity incidents cost Australian businesses $29 billion each year.
It’s inevitable that the cost of purchasing an OT security solution will involve a capital outlay but the reality is that in the long-term it can yield dividends on an organisation’s OT security. Organisations must now do everything within their power to best protect themselves and mitigate risk. Often, the investment of technology plays a crucial first step in this.
3. Combating the rise of cyberthreats
During the lockdown period, there are increased incidents of criminal activity as malicious actors look to capitalise on the challenging environment and use the disruption to launch targeted attacks. Since the start of the COVID-19 pandemic, the World Health Organisation noted a fivefold increase in attacks directed at its staff, and email scams targeting the public at large.
The fact that many OT operations may be functioning with a scaled-back workforce further exacerbates the probability of an attack succeeding or an accidental security incident. Taking the current pandemic into account, many organisations, particularly across international sourcing, supply chain management and the travel and aviation industry, are experiencing a reduced production schedule as well as being preoccupied with ramping up physical safety precautions.
The current slowdown period can be seen as an opportune window to enhance OT security in order to avoid having to take down an operation in full production mode at some time in the future. Additionally, it will ensure organisations have the appropriate security measures in place to protect themselves against future attacks.
4. Controlling industrial cyber risk may result in favourable insurance premiums
An increasing trend among businesses has been purchasing insurance policies with cybersecurity riders. However, before these policies can be granted and the level of insurance with corresponding costs is analysed, a risk assessment is performed. These tests are getting harder to pass with heightened security concerns around remote work and scaled-down workforces.
A lower risk score, meaning a lower probability of exposure or loss resulting from a cyberattack or data breach on an organisation, will result in more favourable insurance terms. This can be achieved with the deployment of a comprehensive OT security solution. These cost savings from a favourable risk assessment score can be recurring every year while also reducing the organisation’s cyber exposure risk — a win-win for all.
5. Visibility of every asset promotes good cyber health
In this digitally-connected era, cybersecurity strategies need to be secure, vigilant, and resilient, as well as fully integrated into the organisational strategy from the start.
A key function in OT cybersecurity is the ability to identify all the assets in the OT environment. Once an organisation has done this, they are able to gain deep situational awareness of these assets down to the ladder logic.
Businesses who have an intimate knowledge of the cyber health of every asset will reduce the cost to maintain the equipment, enabling the scheduling of maintenance and greatly reduce the frequency of “run to failure.”
The time is now
There’s no question that OT security can help ensure the long term operations of companies. An initial investment related to procuring, deploying and operating an OT security solution will ultimately save the organisation from significant exposure and hard dollar costs related to a breach and downtime as well as minimise scrutiny from customers. It is critical that organisations evaluate the ROI on OT and hopefully, these five steps should form a cornerstone to that process.