OT/ ICS Security
The main objective of the OT/ICS Security Focus Group is to share information on the security challenges of OT/ICS and the convergence between OT/ICS and IT. Focus Group members aim to learn from each other by sharing implementation experiences, best practices on internal processes/organization and security management at large in OT/ICS environments.
Objectives
IT and OT/ICS used to be seen as two distinct domains of a business. IT focused on all technologies that were necessary to manage the processing of information, whereas OT/ICS supported the devices, sensors and software that were necessary for physical value creation and manufacturing processes. While their focus has remained the same over the years, recent developments have begun to force the two areas closer together.
From the very beginning, security of OT/ICS has relied almost entirely on the standalone nature of OT/ICS installations, security by obscurity! But at least since 2005, OT/ICS systems have become linked to IT systems with the corporate goal of widening an organization’s ability to monitor and manage its OT/ICS systems, which has introduced massive challenges in securing them:
- IT systems are designed around CIA: ‘Confidentiality, Integrity, Availability’
- OT/ICS components are often built focusing only on functional goals without basic IT security requirements built in. These components may be insecure by design and vulnerable to cyber-attacks.
- OT/ICS used to be isolated and dedicated without updating/patching cycles (risk of downtime)
- But industry 4.0 (proactive maintenance, process improvements, big data, cloud, AI, remote access) demands interconnection of OT/ICS networks with IT.
- So, IT security threats are now also OT/ICS security threats!
Topics
The following topics were debated in this Focus Group: OT/ICS security governance implementation, compliance & certification (IEC 62443), and SOC services for OT/ICS. Thales Group presented the National Digital Exploitation Centre (NDEC), a very advanced cyber testing and development facility, which it co-developed by the Welsh Government, and the University of South Wales.
Practices
The OT/ICS Security Focus Group generally convenes on a quarterly basis, generally in person.
How to join the group
Admission to the Focus Group is subject to Coalition membership and an intake interview with the permanent chair.
The Focus Group is geared towards:
- OT/ ICS vendors who can provide insights into the latest threats and vulnerabilities affecting OT/ICS systems
- OT/ ICS operators who can provide insights in the challenges of securing OT/ ICS systems in real-world environments
- Researchers can provide insights into the latest research on OT/ICS security.
- Government agencies can provide insights into the regulatory landscape for OT/ ICS security
