Can a health emergency impact cyber security management in an OT environment? The answer is yes. The Covid-19 pandemic that we are experiencing globally, in fact, has changed many of our habits and introduced new needs and requirements both in the private and public sphere. Adaptation to the rules of hygiene and sanitation has, in fact, led to the introduction of new control tools and the modification of procedures to manage production lines and the provision of services. With consequences under the profile of security.
More controls, more data to protect
One of the factors that has the greatest impact on cyber security in the OT environment is the amount of information stored in the systems, the accumulation of which automatically leads to a greater impact in the event of a data breach. In the OT environment, as cyber security experts point out, the health emergency has caused a marked increase in the amount of data processed. Just think of local transportation access control systems, which use video surveillance systems to estimate facility attendance and manage passenger flow. All processed video represents data that contains potentially sensitive information and therefore requires special protection. Those who have implemented these tools must therefore manage a type of information that normally followed a different and separate path from the OT domain, such as surveillance. The mixture of the two areas (the operational one and the one related to the physical security of the environments subjected to video surveillance) modifies the architecture of the infrastructure and requires an adjustment of the protection systems.
The importance of access management
Other factors affecting cyber security in OT environment is related to remote working and, more generally, travel restrictions. Even if the tools for the remote administration of IT infrastructures and the management of production lines are widely diffused, the prescriptions that foresee limitations to travel (or, trivially, the fiduciary isolation for employees who have had contact with Covid-19 positive subjects) have caused an exponential increase of remote accesses. A way to work, in the OT environment, is significantly less prevalent than in other industries. The need for physical presence for certain interventions, in fact, has always been considered an element of security, often identified with the concept of "air gap", i.e. the impossibility to access tools remotely. IIn other words, the fact that a physical connection via cable was required to change the settings of the ICS (Industrial Controller System) allowed security to be guaranteed by simply banning the area in which the devices were present. Instead, n the new scenario, the provision of tools for remote intervention has become a necessity and access management, consequently, a security priority.
Cyber security in the OT environment in the near future
Many of the factors identified are of a contingent nature and may lose their incisiveness at the end of the health emergency linked to Covid. Experts, however, emphasize that procedures and policies in the field of cyber security must be inspired by long-term logic. In other words, all companies and organizations will have to adapt in anticipation of the "worst case", i.e. the hypothesis that pandemics such as the one we are going through could cyclically repeat. A hypothesis, although not desirable, which it is necessary to be able to cope with by having adequate tools and clear rules. This diktat is particularly stringent for all those productive realities with "critical" characteristics (such as those operating in the energy sector) or those active in the field of essential services. In short: if the mixture of IT and OT environment has already turned the spotlight on the need to adequately protect digital systems for the management of production activities, the Covid emergency has added new elements of complexity that all companies and organizations must face as soon as possible.