Claribel Chai, Country Director, Singapore, Palo Alto Networks
Operational Technology (OT) systems encompass the hardware and software that monitor and control physical processes, devices, and infrastructure in various industries, including manufacturing, energy, transportation, and utilities.
Unlike traditional IT systems, which primarily manage data and information, OT systems are critical for the functioning of the physical world, making them integral to daily operations and public safety.
As industries become increasingly interconnected through the Internet of Things (IoT) and digital transformation initiatives, OT systems are attractive targets for malicious actors. Therefore, implementing effective cybersecurity strategies tailored to OT environments is essential to safeguard these critical assets, ensuring operational continuity and resilience in an increasingly digital world.
To learn more about the challenges and techniques to secure these systems, iTNews Asia speaks to Claribel Chai, Country Director, Singapore, Palo Alto Networks.
ITNA: Most organisations in Singapore have secured their IT environments but lag in securing their operational technology (OT) systems. Why is this happening?
Chai: One primary reason for the lag is the siloed operations between OT and IT teams. Historically, these two teams have operated independently, focusing on their specific areas without much interaction.
The lack of alignment between the two teams can lead to misaligned cybersecurity strategies and decision-making processes, making it difficult for organisations to establish a cohesive security posture across both environments. A significant portion of OT attacks originate from IT environments and this means that OT and IT departments will have to closely work together to ensure more comprehensive protection against cyber threats.
ITNA: What are the top 5 OT threats happening across Singapore and how can we detect them?
Chai: As per our recent State of OT Security report, the most feared attacks against OT in Singapore are insider attacks (21.5 percent), followed by DoS (19.0 percent), ransomware attacks (18.9 percent), malware (18.8 percent), and APT presence (18.0 percent). To effectively address these threats, leveraging AI-enabled security solutions is crucial.
Cybersecurity today is fundamentally a data problem, and AI-powered cybersecurity offers a robust solution by processing and analysing vast amounts of data in real-time. Additionally, AI enhances threat detection through advanced machine learning and behaviour analytics, offering real-time insights that are vital for identifying sophisticated and emerging threats.
Effective detection is a significant step and requires comprehensive visibility, secure segmentation, and continuous monitoring of all OT assets.
ITNA: How to enhance visibility across OT systems?
Chai: You cannot secure what you cannot see. The OT threat surface should be known and assessed with accurate asset visibility across all connected systems. The initial step in this journey is to embrace platformisation, which involves consolidating and streamlining a complex cybersecurity stack, and unifying management consoles and backend data stores to provide a single, consistent view of the defenders’ cybersecurity environment.
Implementing a Zero Trust model for OT security, designed to adapt to various architectures, from partially air-gapped to fully cloud-connected environments, can help. This flexibility ensures seamless integration into different industrial settings, providing a consistent and reliable security framework.
ITNA: What are the challenges in securing OT systems; are there any specific tools to mitigate OT attacks?
Chai: While the developments in AI, robotics, 5G, the cloud, and remote access will accelerate today’s OT security challenges, an underlying key challenge is the siloed relationship between IT and OT teams. Globally, it is worth noting that 7 out of 10 industrial OT attacks originate in Information Technology (IT) environments.
Addressing this issue requires robust IT security measures, including the convergence of OT and IT towards developing a comprehensive and unified security strategy. Tight cooperation between the two will be important as industrial firms adopt new technologies that pose new risks to the network environment. This is where platformisation comes in – ensuring a single, consistent view of the overall cybersecurity environment.
Ultimately, Zero Trust is the guiding principle. The best strategy is to combine and enhance visibility across OT systems. Organisations can achieve this by applying Zero Trust principles to strengthen their OT environments against potential threats. This involves continuously verifying and monitoring all assets, applications, and users, regardless of their location or connection type.