“Listen to each other and reinforce each other” – Rob Verseijden on the integration of OT and IT security

In the world of OT, cybersecurity is often seen as a secondary concern. However, the risks are significant for companies that fail to adapt to the growing external threats. Rob Verseijden, OT and ICS Cybersecurity Specialist at Batenburg Techniek, offers a clear perspective on the integration of OT and IT security and the importance of collaboration between the two.

The challenges of outdated OT systems

The OT sector faces major challenges, especially when it comes to protecting older systems that have often been in use for years and were not designed for today's cybersecurity needs. Rob explains that many of the machines currently running in OT environments were originally not intended to be connected to the internet. "Historically, machines were designed to last 15 to 20 years, and they had no connection to the outside world," he says. "They were designed for reliability, not for cybersecurity."

However, with the shift towards IT networks, security is no longer automatic. "When you try to connect these machines to the internet, it quickly becomes clear that the systems were not designed for the security we need now," Rob explains. The challenge lies in protecting the outdated technology running in many OT environments. "You can't just update everything like in IT. When you want to implement an update to a security system, you need to shut down the factory to test whether the system still functions properly afterward. The risks are much higher."

The rise in cyberattacks: How OT systems become vulnerable

With increasing digitalization and internet use, OT systems are coming into contact with the outside world more and more. Rob observes an increase in cyberattacks but emphasizes that the cause is often not just the connection to the internet. "Most attacks come from the outside, but the vulnerability is much broader than just internet connections," he states. The problem is often that OT systems are unprepared to handle modern attacks. "It’s usually automated scripts that attack your systems, not manual attacks."

Therefore, Rob advocates for better security for both IT and OT environments. "Most attacks come via automated scripts trying to gain access to systems. The question is not whether you'll eventually become a victim, but when. We need to act proactively by ensuring good security and cooperation between OT and IT."

IT and OT: The key to collaboration

The integration of OT and IT systems is essential for improving security, but Rob states that it is often not easy. "Historically, OT and IT teams were completely separate worlds. They had different goals, different jargon, and work methods," he says. "The challenge is that they often talk past each other without truly understanding one another. But if you want the OT environment to be secure, IT teams must understand what the OT world is about, and vice versa."

Rob believes both teams can strengthen each other. "The IT environment can form an extra buffer zone for OT systems. By implementing good network security, risks can be better managed." However, this does not mean that you should move all production processes to the cloud. "I see the power of the cloud, but when it comes to critical infrastructures, physical systems need to remain secure. You can’t just move critical infrastructures to the cloud."

Another point Rob makes is that OT systems often have different requirements than IT systems, especially regarding confidentiality, integrity, and availability. "In the OT world, availability is paramount. If your production processes stop, the impact can be enormous," he explains. "In the IT world, it's often about confidentiality, but in OT, the system must be available at all times to remain secure."

The power of DataDiodes and domain separation

Rob is a strong advocate of technologies like datadiodes and domain separation, which can help protect OT environments without disrupting operational efficiency. "Datadiodes are a powerful tool to ensure data flows in only one direction. This prevents malware from the outside from infecting an OT system," he says.

However, he emphasizes that implementing a datadiode is not always the right solution. "It depends on which protocols need to pass through the system and whether your system is even suitable for a datadiode. If you decide to use a datadiode, you need to understand which data flows through it and whether that data is static enough to stay secure." In production environments, such as the water treatment or chemical industries, he sees clear benefits. "You can use the datadiode, for example, to keep your backups secure, so you're protected against attacks that could affect your system."

Compliance and NIS2: The need for more than just achieving standards

NIS2 is an important regulation for cybersecurity in the EU, and Rob acknowledges that the standards provide a strong framework for companies looking to improve their security. However, compliance is only part of the story. "NIS2 helps companies by providing a framework, but it’s not enough to just meet the guidelines. You must also invest in the resilience of your systems," he says. "It's not just about complying with the standards; it’s about creating a culture of security within your organization."

He points out that companies that are doing well in cybersecurity were often already implementing security measures before NIS2. "Most companies who are serious about cybersecurity are doing it proactively, not because regulations are forcing them. Compliance is a benefit, but the real work lies in creating a safer environment."

How Batenburg supports companies with OT and IT integration

Batenburg plays a crucial role in supporting companies that want to adapt to the changing demands of OT security. "We help companies from start to finish. Whether it’s the initial risk analysis, implementing security measures, or verifying compliance after implementation, we are there at every step of the process," says Rob.

Batenburg’s approach is hands-on and focused on creating a sustainable security culture. "Our role is to help companies understand what they need, where to invest, and how to prepare for the challenges ahead," he explains. The goal is always that companies become capable of continuously improving and strengthening their systems.

In short, the integration of OT and IT security is no easy task, but it is essential for the future of the sector. Rob emphasizes the importance of collaboration between both worlds to improve the security of critical infrastructures. "Start by listening to each other, strengthen each other, and ensure that you work together for a safer future."