IT vs OT Assets
IT and OT cyber security are sometimes confused as being the same thing, however they have fundamental differences in their requirements for securing assets. This is because IT assets are typically digital, and OT assets are typically physical.
IT assets have developed prioritising Confidentiality, Integrity, and Availability. Businesses with IT infrastructure need to ensure that their IP (intellectual Property) remains secure as this is their advantage over competitors. Protecting this data is the primary goal of IT cyber security. Following this, is to ensure that data is remains uncorrupted. Lastly, data needs to be available internally for any appropriate person requiring it.
OT assets prioritise (in order of most importance) Control, Availability, Integrity, and Confidentiality. The main goal for OT cyber security is to maintain control of all physical assets to always ensure their safe operation. This goal overrides all others because if physical assets cannot be operated safely, they shouldn’t be operated at all. Secondly, OT assets need to be available as they are usually operating continuously throughout the year. Integrity of the asset data is also important as it ensures safety and availability followed lastly by confidentiality of the data.
By focusing on control and availability, OT assets have developed differently from their IT counter parts. OT assets’ inherent demand for high uptime results in cyber related security patches/updates not being implemented causing many vulnerable systems to remain in operation. OT systems also include legacy assets. These assets were designed in a more secure cyber era when OT systems were “Air Gapped”. Protocols like Modbus remain popular due to the reliability and support. However, these old protocols were designed without encryption or authentication, making communication easy to intercept, modify or interrupt.