Get started
IMPACT 2025
Resources/Blog/

Spaghetti: great for dinner, not so tasty for OT Security

Spaghetti: great for dinner, not so tasty for OT Security

  • Industrial DataOps

Published at: 4/13/2022, 1:00:00 PM

Team Cognite

Cognite

Internet of Things (IoT) is changing Operational Technology (OT) in amazing ways, taking data out of proprietary vendor silos, connecting folks that are not on the plant floor to real time operations data, and truly enabling fleet optimization in functions like maintenance, trading, and sustainability. Initiatives like smart manufacturing depend on industrial control system data being accessible at the enterprise level and industrial asset data being contextualized to create a common view of the truth.

While these changes are solving some big problems, the implementation of this technology can bring significant security risks. These IoT devices and service providers with remote access create new holes in firewalls, more software and devices to manage, and more vendors to review. 2021 was no party for OT security teams, securing more remote access and IoT devices while dealing with aging workforces and understaffed teams (there are 600,000 unfilled security roles in the US alone). One industry veteran told me that OT reference architecture is starting to look like a pile of spaghetti coming in and out of layer 3 of the Purdue model. Notorious B.I.G. said “Mo Money, Mo Problems”. These days, industrial cybersecurity teams would say “Mo IOT, Mo Problems”.

So how can we flip the script, from IoT creating more attack surface on the plant floor to IoT serving and enabling our security teams? The same OT asset contextualization and secured access that have enabled operations teams can supercharge our security analysts to understand how vulnerabilities and remediation will impact industrial processes. When security analysts have insights into potential process and operational impacts, they can take more immediate actions to respond and recover from security events.

Industrial data operations can solve some major challenges managing industrial service providers. Remote service providers can access operational data directly from the industrial data operations layer in lieu of connecting directly to control networks. The data operations layer secures data (encrypted in transit and at rest), minimizes direct connections into lower levels of industrial networks, adds highly granular access control (mesh), and facilitates monitoring at scale. Post-COVID, remote service contracts will continue to grow in the industrial space. Dragos reported that in 2021, external (remote) connections to OT more than doubled with 70% of companies allowing remote access to service providers, often providing unchecked access to automation systems.

We have to engage security teams as an integral part of digital teams, not just as a reviewer after technology has been piloted. We can challenge our digital innovation teams to leverage the same industrial data contextualization layers leveraged by operations and maintenance to address key security user stories. Let’s invite security teams to the Industry 4.0 party in 2022 and to quote Biggie again, 2022 should be the year that IoT “went from negative to positive” for security teams.

Read more on how IR 4.0 can support security teams in critical infrastructure.

  • Blog - Generative AI

    Cognite Atlas AI Hackathon: 24 Hours of Rapid Innovation

  • Blog - Data Contextualization

    Reliability Redefined: Using Proactive Maintenance and Digital Workflows for Peak Performance

  • Blog - Data Contextualization

    Key Takeaways from Hannover Messe: AI + Knowledge Graphs and the Push for Interoperability

Want to learn more about our product?

Sign up for our monthly newsletter

Sign up today to receive new content, news, product updates and more, delivered directly to your inbox

Sign up for Cognite Newsletter

Your monthly Cognite news, product updates, and expert content

Product

Unique Value

Why Cognite

Strong Industrial Heritage

FAQ

Benefits

Digital Transformation Leaders

Executives

Operations Teams

IT Teams

Offering

Cognite Data Fusion®

Cognite Atlas AI™

Cognite Success Tracks

Get Started: Data Fusion Quick Start

Industrial Tools

Industrial Canvas

Field Operations

Maintenance

Robotics

Explore

Cognite Demos

Cognite Product Tour

Solutions

Industries

Upstream Energy

Downstream Energy

Continuous Process Manufacturing

Power Generation

Power Grid

Renewables

Solution areas

Advanced Troubleshooting

Field Operations

Data-Driven Turnaround Planning

Partner Ecosystem

Partners

Cognite Embedded

Customers

Success Stories

Value Review

Resources

Resources

All Resources

Webinars

LLM/SLM Benchmark Report

The Definitive Guide to...

... Industrial Agents

... Generative AI for Industry

... Industrial DataOps

Other

Company

About us

Newsroom

Careers

Leadership

Security

Ethics

Sustainability

Policies

Code of Conduct

Customer & Partner Privacy

General Privacy

Human Rights Policy

Vulnerability disclosure policy

Recruitment Privacy Notice

Report a Concern

Privacy PolicyTerms of Service

2016-2025 © Cognite AS. All Rights Reserved