2020 was a rough year for all of us, particularly from a cybercrime perspective. As businesses and schools rapidly pivoted to remote work and remote learning, many cybercriminals changed their tactics and adjusted their focus to take advantage of the situation as well as user uncertainty and fear.
The SolarWinds attack, which infiltrated both the US Treasury and the Department of Homeland Security as well as a number of private organizations, rocked the cybersecurity world. Uncovered last December, this wide-reaching, devastating attack is believed to be the work of the Russian Intelligence Agency’s Foreign Intelligence Service and may have been launched as early as March 2020.
Even once experts know the full extent of the attack, the remediation process will be long and grueling. Entire enclaves of computers, servers, and network hardware across both federal and corporate networks will need to be isolated and replaced even as security teams continue to hunt for evidence of malware, determine what information has been compromised, and create and implement strategies to mitigate loss and damage.
Number of Cyberattacks Expected to Rise
In addition to dramatically changing how we go about our daily lives, COVID-19 has also provided a convenient cover for cybercriminals as they shift their attack vectors away from large, well-guarded corporate networks to small, potentially vulnerable home networks. One study suggested that, in 2021, a ransomware attack on a business is likely to occur every 11 seconds, up from every 40 seconds in 2016.
INTERPOL’s assessment of the impact of COVID-19 on cybercrime has shown similar trends, with targets shifting away from major corporations, governments, and critical infrastructure in favor of small businesses and individuals.
As users log in from home, they create personal islands of security: a model where each user is effectively following different (often lax) security protocols. When workers are onsite, all of their traffic is routed through your business’s network, which is likely closely monitored by a professional security team. However, without a dedicated security team watching every employee’s home network and personal device, your organization is exposed to increased risk.
Cybercriminals are taking advantage of this increased attack area to create personalized attack chains. While traditional tactics often involved a “spray and pray” approach (where cybercriminals used generalized social engineering attacks, such as the classic Nigerian prince scam, to target a large number of users in the hopes that a few would bite), recent trends have seen a rise in hyper-personalized attacks that target specific uses with privileged access to sensitive infrastructure, data, and systems.
While this approach is more time-consuming (since attackers need to identify and profile specific individuals to create the targeted attack), this approach is more likely to yield shorter attack-cycles, making it increasingly difficult for organizations to identify and stop attacks in progress.
The work from home era has forced cybercriminals to adapt their tactics, but unfortunately, many have done so successfully. One tried-and-true cybersecurity attack, the phone scam, has seen a resurgence.
A similar but related scam involves scammers offering “relief payments” from government agencies. These calls, text messages, and emails typically follow a general format: The caller says you have been approved to receive money, either via a relief payment or a cash grant or even via a low-interest small business loan and then asking for personal information (to “verify your identity”), banking information (so they can charge you a small “processing fee”) or both. Some scammers also ask for payment via cryptocurrencies (such as bitcoin) or gift cards.
Another twist on the phone scam is the fake tech support scam. This follows a similar format to the scams discussed above but involves cybercriminals asking users to grant access to their computers so they can “conveniently” fix a tech support problem you weren’t even aware you have.
Criminals then use this access to install malware, add backdoors for future access, or log keystrokes (to capture usernames, passwords, banking details, and other sensitive data).
The best thing you can do to safeguard your organization’s digital assets is be proactive. Make sure you are up to date on all the latest cybersecurity threats and have a well-rounded and up-to-date cybersecurity incident response program in place.
Safeguarding your organization from cybersecurity threats can be a lot to handle, particularly if you aren’t already a cybersecurity expert. That’s why Virtual Armour is here to help. Our team of experts can review your current practices with you, help you identify weaknesses, and create a plan to strengthen your defenses. We are also able to monitor your infrastructure, firewall, and endpoints 24/7/365 for potential threats and help you mitigate or even avoid damage should an incident occur.
COVID-19 has fundamentally changed the way many companies conduct business, and not all organizations have handled the jarring transition to remote work smoothly. Daily operations and working conditions can be disrupted in an instant, so your organization needs to be able to adapt quickly and effectively to any situation.
Though no situations are exactly alike, there are a few tools and guidelines you can follow to help ensure the next time a sudden pivot in your workforce is needed it’s as smooth as possible.
By being agile, your organization is set up for success in any situation.
What Makes a Workplace Agile?
Agility in the workplace typically focuses on quickly adapting to the changing needs of customers, workers, and the overall marketplace. The current global health crisis has brought with it a renewed urgency for flexible, agile, and adaptable workplaces as many traditional office-setting workplaces transform into distributed workplaces. Though some organizations may be able to return to the office soon, the fact is that work as we know it has been disrupted, and those disruptions will be felt for quite a while.
What Steps Can I Take to Increase My Organization’s Agility?
While seasoned remote workers already have the skills to ensure their work gets done no matter where they are, an organization that has to suddenly pivot to remote work faces a unique set of challenges. Even if your individual workers are set up for success, can stay productive, and are able to easily meet their deadlines, you need to ensure that your entire workforce is able to continue to work together effectively.
Communication is Key
Frequent, open, and transparent communication is always important, but when your workers are no longer working out of a centralized location, effective communication becomes even more vital for maintaining productivity. Those spontaneous brainstorming sessions over lunch, impromptu meetings, and watercooler chatter may not always appear to be productive, but they play a huge role in developing and maintaining group cohesion and encouraging the flow of ideas.
To help retain some of that impromptu team building and idea generation, you might want to encourage managers to regularly host scheduled coffee meetings or happy hours with their teams. If your organization doesn’t use an instant messaging product like Slack or Microsoft Teams already, now is a great time to adopt that technology. Instant messaging apps can be leveraged for both more serious business discussions and the lighthearted workplace chatter that used to happen over coffee or lunch or around the water cooler.
Adapt Your Communication Style to Suit Your Workers
To help empower your newly configured workforce, you will need to be able to communicate with different categories of workers effectively. This may include your regular remote workers, your newly remote workers, workers who are currently unable to work, and any essential workers you may have that must be physically present in your workplace to complete their tasks.
How you communicate with each group may differ, but you might want to consider using internal messaging apps (like those mentioned above) in conjunction with email campaigns to reinforce key messages and text messages for urgent matters. Try out several different communication styles and see which ones are most effective for which groups and reassess your approach to communication as necessary to promote collaboration and ensure critical messages are being received.
Any good manager knows that it’s best to tackle potential problems before they become actual problems. By communicating effectively with your workers you can learn about potential problems or sticking points before they become major issues. While it may seem costly to act proactively, investing a bit of time, people power, and funds to address potential issues as soon as they come to light can save your organization more in the long run.
How you choose to keep an ear to the ground is up to you and your organization, but regular check-ins between workers and their managers, between managers and their department heads, and between department heads and the executive team can help prevent information silos from forming and ensure that potential issues are escalated appropriately so they can be addressed.
Focus on Retaining Workers
There is a lot of uncertainty in the world right now, so holding onto experienced workers (and their vital skillsets) is more important than ever. When a critical worker leaves, it can cause a frenzy of uncertainty as workers try to bridge the gap until a replacement worker can be found, causing unnecessary stress and anxiety. Even once a replacement is found, it can take months for them to fully settle in and come up to speed, disrupting your everyday workflow.
Have mechanisms in place so that departing workers can train their replacements before they go on maternity leave, retire, or switch to another organization. You may want to record training sessions so they can be reviewed as necessary or used to train other workers down the line. By setting up the replacement worker for success, you not only minimize disruption but also reduce worker stress and anxiety during transitions.
The Importance of a Good Attitude
However, skills aren’t everything. If you are able to expand your team and choose to do so, make sure you weigh intangible skills (effective communication, positive attitude, proactivity, etc.) as well as looking at the tangible skills required to do the job.
Having workers that are flexible, proactive, and positive can help you weather tough times and reduce friction in the workplace. Skills can be taught, but the right attitude is a lot harder to cultivate if workers don’t have the right mindset to begin with.
Empower Your Workers
How do you feel when you delegate tasks to your team? Are you relieved knowing that they have the right skills and attitude for the job, or anxious that you won’t be there to oversee everything and double-check their work?
Someone who works for an organization that empowers their workers is more likely to feel the former: confident that their team has the skills to handle things on their own.
Empowering people is about more than just giving them unfamiliar tasks; it is about encouraging your workers to challenge themselves and letting them know that you believe they can achieve their goals by periodically taking people out of their comfort zones.
You can encourage your workers to take appropriate risks by:
Delegating a variety of tasks, such as having a junior member run a meeting or letting your second in command take the lead on the next big project
Rotating roles so that employees can cross-train, building their skillset, and deepening their understanding of their co-workers’ roles
Giving your workers the autonomy they need to perform tasks on their own. Training wheels are fine, but they eventually need to come off
Encouraging your workers to behave like team leaders
Creating room for independent decision making
Allowing workers to experiment and try new things without the fear of failure
Don’t Forget the Human Factor
Businesses are run on more than technology and processes; the human element plays a critical role in any business or organization. By encouraging teamwork, escalating conversations when necessary, and creating organic opportunities for knowledge transfer, you can teach your workers to collaborate more effectively and give them a chance to develop a deeper respect for their co-workers and their contributions to the organization. This not only promotes social cohesion, but encourages cross training so that employees can remain flexible and, in a pinch, take on new tasks when emergencies and other unexpected changes occur.
Promote Collaboration & Autonomy
A strict hierarchy can be restrictive, delaying ad hoc projects and creating frustration, particularly for workers at the bottom. Establishing horizontal communication channels as well as vertical ones, can increase collaboration and reduce delays.
Another way to make your workforce more agile is to allow teams to work on their own without requiring management to constantly steer the ship. Create a team and invite one of its members to temporarily adopt the role of team leader. Give the team tangible objectives and a reasonable timeline for a project and see what they create. By creating self-managing teams, you can drive collaboration and enhance learning, making your organization more agile overall.
Feel Free to Experiment
A driving principle for many highly agile organizations is that experimentation drives innovation, which leads to change. It’s important to not only be able to respond to change (or adversity) effectively but approach it proactively and be a driving force for change.
Being able to adapt to change can help keep your business afloat, but having the ability to propel change can help ensure you stay ahead of the competition.
However, it is one thing to pay lip service to some vague idea of change and another thing entirely to put your money where your mouth is. Don’t just focus on the executive suite or department managers and ask everyone else to follow their lead, but instead encourage every employee, from the summer intern up to the CEO to get involved.
Many organizations encourage this by giving employees time on the clock to dedicate to their alternative musings. This not only encourages experimentation but gives workers the chance to fail (and fail fast) before moving onto their next idea.
You can encourage experimentation at all levels of your organization by:
Having regularly scheduled brainstorming sessions
Encouraging team members to discuss their interests beyond work
Actively encouraging workers to work on ideas that resonate with them
Offering personal support and help if and when required
Eliminating or reducing constraints when possible
Being agile is not only important for weathering the COVID-19 storm, but also for weathering future storms and remaining at the forefront of your industry. By taking the time and energy needed to help promote agility at all levels of your organization, you can help future-proof your company and create a great place for workers to work, learn, and grow.
As COVID-19 forces employees to practice social distancing, or even to self-isolate or shelter in place, the ability for employees to work remotely has gone from a luxury to a necessity. However, pivoting quickly to a mostly or fully remote workplace isn’t an easy task, and brings with it unique costs and infrastructure requirements.
The Infrastructure & Costs Required to Effectively Support a Remote Workforce
Your team can only remain productive if they have the tools they need to do their jobs effectively. However, though your employees may be set up for success at the office, you will likely need to make a few infrastructure changes if your company isn’t already set up to support remote work. To help your company transition, and keep your digital assets safe both during and after the shift, you may want to consider consulting with your MSSP (managed security services provider).
If your employees mainly rely on desktops to complete their work, you will either need to permit them to bring those computers home temporarily or provide them with laptops. Laptops are significantly more portable and require less physical space than their desk-bound counterparts. This is particularly beneficial for employees who don’t have home offices and are likely going to find themselves working from their kitchen tables or another mixed-use space.
Secure Connections & VPNs
Having employees work from home means they will likely need to access company resources (such as internal networks or sensitive files) remotely. To help safeguard your company’s digital assets, you may want to consider providing your employees with secure connections or VPNs.
For more information about secure connections and VPNs, as well as tips for safeguarding your digital assets while employees are working remote, please read our blog post: COVID-19 Demonstrates the Power of Remote Workplaces (But Those Are Not Without Risks).
Leveraging the Cloud
The cloud is, by design, great for supporting remote work. It allows multiple users to access documents simultaneously, cutting down on the unnecessary emailing back and forth and helping ensure all users are referencing the most up to date documents. Programs such as Google Drive can support a wide variety of cloud-hosted documents, including word processing documents, spreadsheets, and PowerPoint-style presentations. You can also easily upload existing documents and files and specify whether the people you share documents with have viewing, commenting, or editing privileges.
For more information about what the cloud is and learn more about its benefits, please read our blog post: Cloud Isn’t the “Future”; It’s the Now.
The most efficient teams are the ones that communicate frequently. To help your team stay engaged and connected while everyone is working from home, you are likely going to have to rely on video conferencing apps (such as Google Hangouts, Skype, Microsoft Teams, or Zoom) as well as workplace instant messaging apps (such as Slack).
Video conferencing is great for meetings as well as getting some face-to-face time with your team, while instant messaging apps are better for quick questions and the more casual conversations that used to happen around the water cooler or in the break room.
Video conferencing is also great for morale and staying connected on a more emotional level. Scheduling teamwide “lunch dates” or morning check-ins can be a great way to keep spirits up and maintain team cohesion while also letting your employees know that you care about them and are here to support them.
To help support businesses during the pandemic, many video conferencing companies are offering their products for free or at a reduced cost.
Reliable Home Internet
Employees are going to require reliable, high-speed internet to help them stay connected and access the cloud. While most employees likely have internet connections that are robust enough to support applications such as video conferencing, you should have your managers touch base with their teams to ensure everyone has the tools they need to succeed.
Depending on how much of your current infrastructure needs to change, the costs to pivot quickly may be substantial. If you weren’t planning on investing in your infrastructure to support remote work (and therefore didn’t account for it in your annual budget), the costs of this sudden pivot might be compounded if your organization is currently facing reduced profitability in the short term.
Shifting to Remote Work Can Help Future-Proof Your Business
By investing in your organization now, you can not only support your workers during this pandemic but also help future-proof your business. Though the up-front costs are certainly something to consider, remote work has many proven benefits both for employees and employers. These include increased productivity, improved performance, increased engagement, and higher job satisfaction rates. All of these benefits can, in turn, translate into higher profits in the long term, even if your bottom line is currently taking a beating.
Depending on how much of your workforce you allow to continue to work remote once the pandemic is over, you may also find that having fewer employees in the office at one time means you can reduce operating costs by taking steps such as moving to a smaller office.
Being able to support remote work effectively also means you can draw from a wider talent pool and attract workers that are either unable or unwilling to relocate for work. Offering a more flexible working arrangement can also help you attract top-talent with little to no additional costs once you have made the necessary adjustments to your current infrastructure.
Not all IT professionals can be experts at everything, and that’s okay. If your current IT department is feeling overwhelmed an experienced MSSP can help.
Technology is continually changing and evolving, creating new and innovative ways to conduct business. While many of us may still think the cloud is some futuristic concept, in reality, it’s already here and has been for a while.
What is the Cloud?
At its core, the cloud is a collection of web-based applications. Instead of purchasing a program, installing it on your computer, and running it locally, the cloud allows you to remotely access programs using the internet. Instead of running on your machine, these programs are run on large, high-tech servers. Chances are you are already using the cloud; you just might not know it yet.
An excellent example is Google Docs. Even just a few years ago, if you wanted to create a text document, you would likely open up Microsoft Word. That meant that if you wanted to start on a document using your desktop at work, then review it at home later you would have to either save the document to a USB drive and physically bring it home or email it to yourself, make any changes, and then either resave the edited document to your USB drive or re-email it to yourself.
Google Docs works a lot like Microsoft Word, but the documents you create are stored on the cloud, not your local machine. That means that if you start a document on one computer and then switch to another machine, you don’t have to bring your document with you. Instead, you simply log into your Google account from the new machine, access your Google Drive (where your Google Doc is stored), and continue working. This also means that multiple people can view, comment on, and edit the same document in real-time from different locations.
What Are the Benefits of Using the Cloud?
The cloud has many benefits beyond conveniently sharing and editing documents that update in real-time.
No Special Software
Before the cloud, if you wanted to use a program, you would need to purchase and install specialized software to do so. Now, all you need is an internet connection and an account. This makes it easy to work remotely, either from home or while away on business, and ensure that everyone is working with the most up to date version of each document or item.
It also means that you, and your company, can easily access a variety of more specialized programs without the need to physically purchase and install them.
No Data Backups
Since your data is stored remotely on a server, instead of on your computer, you don’t need to worry about backing up your data. The company that runs the servers handles all of that for you, freeing you, your staff, and your physical resources up for other tasks and lets you rest easy knowing that if an incident occurs at your organization, your data is protected.
Purchasing and installing computer programs can be both costly and time-consuming. While some cloud-based programs require monthly fees to access, these are still typically less expensive than purchasing the program outright would be.
Cloud-based programs also require less IT support from your company since you don’t need to pay a professional to install software or network computers to a server, and any problems with the software are handled by the company that provides it, not your IT personnel.
The cloud also allows employees to work remotely more effectively, which can cut down on your infrastructure costs by reducing the amount of office space your organization requires. It also means that you no longer require brand new computers almost every year to support the latest software, since even older models can easily access cloud-based programs.
One of the most important things you can do from a cybersecurity perspective is to ensure all your software is up to date. With cloud-based software, the company that created and maintains the software handles all updates for you, freeing up employees for other tasks.
Using the cloud means that your organization can quickly and easily scale your operations or storage needs up and down depending on your current situation. Any new software or upgrades can be accessed quickly and easily, and may not even require upgrading your account.
Storing your data in the cloud means that if something happens to your office, such as a fire or a power outage, you can more easily resume normal operations. Data on the cloud remains safe and secure, and can easily be accessed remotely if necessary.
Increased Cybersecurity – If You’re Prepared
A type of malware called ransomware (such as the famous Wannacry and Petya ransomware attacks) targets companies by encrypting their data and holding it hostage until the ransom is paid. Unfortunately, too many organizations are forced to cave because they don’t have proper backups of their data, and they can’t continue with normal business operations while their data is inaccessible. Storing your data on the cloud drastically reduces the effectiveness of ransomware attacks targeting your specific organization.
However, though the cloud has many benefits, it also brings with it unique cybersecurity considerations that you should discuss with your Managed Security Services Provider (MSSP). Your MSSP can help you identify potential vulnerabilities and address them effectively to safeguard your cloud-held digital assets better.
The cloud has already changed how we work, streamlining a lot of processes, making it easier to adjust our storage and operations quickly to better suit our needs, and making collaboration easier than ever. Though it has brought with it new cybersecurity concerns, these can be safeguarded against, and their potential impact mitigated, with flexible, robust, and tailored cybersecurity solutions.
Whether criminals are posting inappropriate or illegal content on your company website, sensitive data, and emails have been accessed by unauthorized users, or your data is being held hostage by ransomware, being hacked is every organization’s worst nightmare. Though there’s nothing you can do to ensure a breach never happens, there are a lot of things you can do to minimize the likelihood of a breach occurring and, if one does happen, a lot you can do to contain and mitigate the damage and disruption associated with the incident.
Contact Your MSSP
A good Managed Security Services Provider (MSSP) will help you respond quickly to a breach once you let them know a cybersecurity incident has occurred. A great MSSP will have been monitoring your systems closely and already know a breach has occurred, possibly even before you do. If, for some reason, your MSSP doesn’t already know about the breach, the first thing you should do is contact them for advice. Your MSSP will assess the situation and offer expert advice and support to help you repair the breach, minimize damage, alert users and relevant authorities, and assess the situation afterward so you can strengthen your cybersecurity defenses. Learn More: What is a Managed Security Services Provider?
Find Out How the Incident Occurred
Before you can respond effectively to the incident, you need to know exactly what happened. Was software not kept up to date? Did an employee click on a suspicious link in a phishing email? Was a company laptop left unattended and stolen? Was your organization targeted with ransomware? Once you know exactly what happened and what systems and files were accessed, you can work quickly to address the incident, thoroughly assess the damage, and take the necessary next steps.
Implement Your Incident Response Protocols
If you don’t already have incident response protocols in place, you should start crafting some right away. Each protocol is a plan that allows you to respond effectively to a specific threat or incident, sort of like safety plans for cybersecurity. Just like a fire safety plan outlines, in detail, what everyone in the building should do if there is a fire, a well-crafted incident response protocol should outline who should do what in the event of a cybersecurity incident. However, having an incident response protocol is only useful if everyone involved knows exactly what their role is and how to carry out their duties effectively. To help everyone get familiar with the plan, you should have all critical personnel work through tabletop scenarios regularly. Tabletop scenarios are like fire drills: they pose a hypothetical scenario and let your employees work through and refine their response in a no-stakes environment. When the scenario is complete, your team then sits down, preferably with someone from your MSSP, to review your response, look for weaknesses, and further strengthen your current protocols. Though scheduling a tabletop scenario now won’t help with the current situation if you have already experienced a breach or other cybersecurity incident, you should begin drafting robust incident response protocols and conducting tabletop scenarios as soon as the current situation is resolved.
If Necessary, Go Into Lockdown Mode
Depending on the nature of the incident, you may need to go into lockdown mode. If a company laptop has been infected with malware, that device needs to be isolated from the main network to avoid spreading the virus. If a particular area of the network has been compromised, that section should also be isolated from the larger network to prevent cybercriminals from accessing other systems. One way to prevent cybercriminals from easily accessing multiple systems if they can hack into your system is to follow the zero trust architecture model. Zero trust makes lateral moves within the system more difficult by automatically assuming every user is unauthorized, even if they have already verified their identity and limits access to each area to employees who truly need it to perform their duties. If your firewall and other perimeter defenses are the security guard at the front desk, zero trust architecture acts more like the RFID badges your employees wear as they move about the building. Once someone has moved beyond the security guard at the front desk, they still need to verify their identity before they can access restricted or sensitive areas, typically by swiping their keycard to unlock doors. This extra layer of security ensures that even if a cybercriminal gets past your firewall and other perimeter defenses (sneaks past the security guard), their access is limited to non-critical systems where they aren’t able to cause as much damage before they are discovered by security and removed.
Inform Your Users & the Relevant Authorities
Once you have contained the breach, isolated any infected systems or devices, and begun to repair the damage done by the cybercriminal, you need to inform your users or customers as well as the relevant authorities. For example, GDPR (which applies to all organizations and companies whose customers include EU citizens) requires breaches are disclosed within 72 hours of their discovery, and US law requires that organizations notify affected individuals if their personally identifiable data may have been compromised. Depending on which states you conduct business in, your organization will likely also be subject to other reporting laws. If you are unsure what is required of you in the event of a cybersecurity incident under state laws, your MSSP can help you review the relevant state laws and ensure that you comply with them fully.
Review What Happened & Improve Your Cybersecurity Protocols
Once the cybersecurity incident has been resolved, it is time to review your current protocols, identify which weaknesses were exploited, and craft flexible yet robust protocols to strengthen your cybersecurity posture. This task may sound daunting, but that is where your MSSP comes in. Not everyone is a cybersecurity expert, and that is alright. Your MSSP’s job is not just to monitor your systems and help you respond to breaches. They are also there to provide expert advice and suggestions and help you avoid or minimize the impact of cybersecurity incidents going forward.
Practice What You’ve Learned
Once your current cybersecurity protocols have been strengthened or updated, it’s vital that your employees understand what has changed, why those changes were made, and how they should respond to various cybersecurity incidents moving forward. Make sure any changes or updates are clearly communicated to all employees and relevant outside contractors, and that all concerned parties are given the chance to ask questions and seek clarification if necessary. Once everyone has been brought up to speed, you should contact both a tabletop scenario and, if relevant, a pen (penetration test). A pen test involves hiring an ethical hacker to stress test your current cybersecurity protocols and try to access sensitive data. Once the test is done, the hacker then sits down with your organization and details what systems they were able to gain access to and how they managed to get past your defenses. They can also then provide you with suggestions for strengthening your cybersecurity posture. A cybersecurity incident may be every organization’s worst nightmare, and when they happen, the consequences can be devastating. Having a great MSSP can help you recover quickly and effectively from a cybersecurity incident and strengthen your defenses to avoid future incidents. With 24/7/365 monitoring and a 15 minute guaranteed response time, VirtualArmour can help you craft robust yet flexible cybersecurity protocols so you can better safeguard your organization’s digital assets.
Though traditionally operational technology and information technology were kept separate, these two worlds are becoming increasingly intertwined, and both forms of technology are becoming more likely to connect to the internet.
What is Operational Technology?
Operational technology (OT) refers to the hardware and software used to change, monitor, or control physical devices, processes, and events within a company or organization. This form of technology is most commonly used in industrial settings, and the devices this technology refers to typically have more autonomy than information technology devices or programs.
Examples of OT include SCADA (Supervisory Control and Data Acquisition), which is used to gather and analyze data in real-time and is often used to monitor or control plant equipment. Industries such as telecommunications, waste control, water control, and oil and gas refining rely heavily on SCADA systems.
Many types of OT rely on devices such as PLCs (Programmable Logic Controllers), which receive information from input devices or sensors, process the data, and perform specific tasks or output specific information based on pre-programmed parameters. PLCs are often used to do things like monitor machine productivity, track operating temperatures, and automatically stop or start processes. They are also often used to trigger alarms if a machine malfunctions.
Access to OT devices is typically restricted to a small pool of highly trained individuals within an organization, and these types of devices may not be updated or changed for months or even years. Since these devices are highly specialized, they rarely run on standardized operating systems (like iOS or Windows), and instead, generally, require custom software to function.
What is Information Technology?
Information technology (IT) refers to anything related to computer technology, including hardware and software. Your email, for example, falls under the IT umbrella. This form of technology is less common in industrial settings, but often constitutes the technological backbone of most organizations and companies. These devices and programs have little autonomy and are updated frequently.
Access to IT programs and connected devices are typically less restricted than to OT devices, and many, if not all, employees at a given organization may be granted access.
The main difference between OT and IT devices is that OT devices control the physical world, while IT systems manage data.
What are Industrial Control Systems?
Industrial control systems (ICS) are a type of OT and consist of any systems that are used to monitor or control industrial processes. This could include a mining site’s conveyor belt or an alarm that lets employees know if a piece of equipment is getting dangerously close to overheating.
ICSs are often managed by SCADA systems, which may provide users with a graphical user interface. This interface allows the user to observe the system’s current status, enter system adjustments to manage the process, and observe any alarms that indicate something is wrong.
How to Intermix Operational & Information Technology with Industrial Control Systems
At first glance, IT and OT may not seem compatible. OT systems are isolated and self-contained, designed to run autonomously, and rely on proprietary software. On the other hand, IT systems are connected by nature, have little autonomy, and generally run using readily available operating systems. However, incorporating IT into your OT operations can have many benefits.
IT Can Improve OT Operations
In the past, most OT devices were utterly cut off from not only the internet but even most internal networks, and could only physically be accessed by a select few authorized employees. However, it’s becoming increasingly common for OT systems (including ICSs) to be monitored and controlled using IT systems.
While inputs on many OT devices may have traditionally been limited to a physical panel or keypad that required workers to input commands or data physically, more OT systems and devices are now being controlled and monitored remotely via the internet.
IT can be used to make operating an ICS or other OT device easier. IT can be used, for example, to monitor parts and alert employees when a component is failing, allowing the employees to procure and install the spare part before the damaged part fails. By replacing the damaged part before it fails, employees can not only help ensure that production isn’t disrupted but can also prevent a cascading effect if the damaged part’s failure could lead to more extensive damage. A damaged part may not only cause a machine to fail, but that failure could also have serious consequences for the health or safety of employees working nearby.
IT can also provide employees with real-time reports on the state of the OT device, and allow them to respond and correct system errors in seconds. This means that if an alarm goes off to let employees know that a piece of equipment is malfunctioning, they can either shut down the device remotely (reducing the chances of an industrial accident) or otherwise address the situation right away before it becomes more serious.
Don’t Forget to Secure Your Connected OTs
IT systems can be a huge boon for ICS and other OT systems; it can also leave OT systems vulnerable to cybersecurity attacks if appropriate precautions aren’t taken. Any time a device is allowed to connect to the internet, or even to a network that can be accessed via the internet, there is a chance that a cybercriminal could gain unauthorized access.
A cyber attack against an OT device could have catastrophic consequences. Not only can specialized equipment be damaged (resulting in costly repairs), but the damaged equipment could pose a health or safety hazard.
Before you integrate IT into any OT system, it’s vital that you create and implement appropriate cybersecurity protocols. A good MSSP (Managed Services Security Provider) can help you do a thorough audit of your current systems, and help you ensure that adding IT to your ICS or other OT device won’t compromise your cybersecurity.