Bridging the gap between IT and OT is a key objective for a growing number of organisations in the life sciences sector. The benefits of doing so are substantial, including having increased OT oversight and being able to use OT data to transform business operations. When bridging the IT/OT gap, it is essential to understand the cybersecurity risks that are involved and how to mitigate them.
Cyberattacks on any organisation can have significant financial and reputational ramifications. In the life sciences sector, there are additional risk factors that are arguably even more important, including the risk to patient safety.
Therefore, prioritising and investing in cybersecurity is essential for life sciences sector organisations.
Competing Priorities
By taking steps to bridge the IT/OT gap, cybersecurity risks increase. In simple terms, IT security is mature and well-established. It isn’t perfect, but IT security is substantially more advanced than OT security.
Potential cybersecurity outcomes include production line shutdowns or compromised product batches. Bridging the IT/OT gap can also expose IT systems to OT cybersecurity vulnerabilities.
OT Cybersecurity Vulnerabilities
There are many reasons why bridging the IT/OT gap can increase cybersecurity risks, but most come under the heading of existing OT vulnerabilities, starting with the vulnerabilities created by legacy systems.
Legacy Systems
Legacy systems are common in many life sciences manufacturing facilities, and they are often central to operations. They also often run on outdated and potentially vulnerable software. Historically this has been tolerated, as uptime was considered more important than fixing something (by updating the software) that isn’t, from an operational perspective, broken.
Connecting these legacy systems changes the equation.
Cybersecurity becomes an essential consideration when connecting equipment to the internet that has never been connected before and, in some cases, was never intended to be connected when it was first developed and manufactured. These legacy OT systems typically don’t have built-in security features and where they do exist, they are often minimal and outdated.
Organisational Culture
The biggest cybersecurity challenges that organisations face are typically not related to equipment or machines. The biggest challenges relate to people, as people are often the softest entry point for a cyber-attack.
This applies when bridging the gap between IT and OT. You have the same people-related security issues that apply to any connected system, but you also have the added complication of disconnected teams. This common lack of coordination and collaboration between IT and OT teams increases cybersecurity risks.
Multiple Systems
OT typically comprises a mix of old and new technologies, equipment, and platforms all with different security features and vulnerabilities. The simple fact of having multiple systems increases cybersecurity risks.
There are then additional risk factors, such as OEMs being connected to their equipment for performance monitoring and maintenance reasons. While these types of connections bring benefits, they also create additional entry points for cyber-attacks.
All Production Lines Are Prototypes
No two production lines are the same, even if they are manufacturing the same product. As a result, all production lines in the life sciences sector are essentially prototypes with bespoke integrations and connections. This reality adds to the cybersecurity challenge.
Growth of the IIOT in Health Care
The industrial Internet of Things (IIOT) is transforming many aspects of healthcare with devices that monitor patients and control the administration of treatments automatically and in real-time.
All that new patient data increases the potential value of life sciences sector companies in the eyes of hackers and cybercriminals.
Existing Cybersecurity Solutions
It’s also important to consider existing cybersecurity solutions, as most are aimed at IT rather than OT environments. They are feature-packed, highly robust, and powerful, but they have an IT rather than OT focus.
This can present challenges in OT environments that exacerbate the cybersecurity problem.
Take multi-factor authentication (MFA) as an example. MFA is used in many organisations to beef up cybersecurity and ensure accounts, platforms, and systems are less vulnerable to weak, shared, or hacked passwords.
In a typical office environment, MFA is a small hurdle for users to overcome. They simply use their phone to get the access code from a text message or app to authenticate their login. How can you replicate this in the hygiene-controlled environments of pharmaceutical manufacturing facilities, medical device cleanrooms, or pharma laboratories?
An Introduction to Mitigating Cybersecurity Risks When Bridging the IT/OT Gap
We will explore in more detail in a future blog the mitigation steps that can be taken to reduce cybersecurity risks when bridging the IT/OT gap. The main points include:
- Flatten the stack – reduce the number of systems, particularly in the OT stack, to reduce the potential attack surface for cyber criminals.
- Technical steps – examples of technical steps that can be taken to enhance cybersecurity when bridging the IT/OT gap include creating secure access protocols at every endpoint, encrypting network traffic, and protecting both IT and OT with firewalls.
- Organisational management and people – ensure IT and OT teams work together, particularly on cybersecurity issues, while taking a holistic approach to security that includes both IT and OT teams. Continuously training staff on cybersecurity issues is also important.
- Vendor management – OEMs and software vendors are critical cybersecurity components, so they should be thoroughly vetted and managed.
The most important factor to mitigate risks when bridging the IT/OT gap is to put cybersecurity at the centre of your planning, with cybersecurity considerations factored into every decision and strategy implementation step.
