Today, the seamless integration of IT (information technology) and OT (operational technology, often referred to as ‘industrial IT’) is a critical focus for companies within the industrial sector. In this interview, Alexander Canfield, IS Manager at Cybertrol Engineering, discusses the company’s approach to IT/OT services and cybersecurity, and shares what distinguishes Cybertrol in the industry.
Alexander Canfield: My name is Alexander Canfield, and I’m the IS (Information Systems) Manager of the IIT (Industrial IT) department at Cybertrol. I joined the company following the ESE, Inc. acquisition in 2019. I have about ten years of experience in industrial IT and another decade in general IT. At Cybertrol, I lead a team of engineers across the United States, specializing in industrial IT.
Alexander Canfield: IT/OT convergence is crucial because customers want more data from their OT systems integrated into IT areas. This requires secure accessibility to data, making collaboration between IT and OT more important than ever. Properly integrating and securing these networks ensures businesses can achieve greater results while maintaining security.
Before the increase in IT/OT convergence, OT networks were generally air-gapped and completely separate from the outside world. Because of this, they were shielded from many cyber threats. Today, IT and OT networks are increasingly connected, so it's crucial to protect the OT area from IT-side threats and ensure that IT processes do not interfere with OT processes, and vice versa.
Years ago, IT and OT had very separate goals, but today, their paths are increasingly intertwined due to the demand for more data and better system integration.
Alexander Canfield: Common threats include malware infiltration, human error, lack of visibility, outdated software, and insecure remote access. Addressing these threats requires continuous vigilance and updated security practices.
We've seen significant increases in phishing, ransomware, and DDoS (distributed denial of service) attacks. Our use of tools like Cisco Cyber Vision helps us monitor and address these threats effectively by providing detailed insights into network traffic and potential vulnerabilities.
Chart courtesy of 2024 State of Operational Technology and Cybersecurity Report by Fortinet
This graph from Fortinet shows the increase in various cyber threats over the past few years, highlighting the growing challenges we face in OT cybersecurity.
Chart courtesy of 2024 State of Operational Technology and Cybersecurity Report by Fortinet
Another important aspect is understanding where these threats are occurring. This graph illustrates the different areas compromised by cyber threats, such as mobile security breaches and web application compromises.
Alexander Canfield: At Cybertrol, cybersecurity is integrated into everything we do. We don’t try to compete with traditional cybersecurity software companies; instead, we leverage our strong background in OT hardware and infrastructure design. We perform comprehensive analyses and remediation, working closely with IT and OT groups to ensure robust cybersecurity measures.
Cybersecurity is not one process, project, or a piece of software. It has many processes and is integrated into everything that we do. Cybersecurity is not just about one particular tool, technique, or network architecture: it's about a layered approach to processes, planning, and implementation at every level, from password strength to disaster recovery planning.
Alexander Canfield: Absolutely. We offer five essential solution deliverables:
1. Network Analysis and Remediation: This service helps both IT and OT departments understand and map their existing infrastructure, proposing a roadmap to achieve their desired future state. Our process includes identifying all OT hardware, network schemas, IT/OT boundaries, physical and functional software connections, existing server virtual infrastructure, SCADA platforms, network firmware, disaster recovery measures, and providing a comprehensive executive summary.
Essentially, this is about understanding the current network architecture and ensuring it is optimized for performance and scalability. We identify vulnerabilities and inefficiencies in the network but primarily focus on the technical infrastructure and connectivity aspects rather than specific security protocols.
2. Industrial Server Data Centers: We design and deploy virtualized data centers to manage all SCADA, reporting, system backups, and other data-related software based on our customers' needs.
This is about creating a robust, centralized hub for all critical data.
3. Edge Computing: For customers where a traditional data center doesn’t make sense, we deploy edge systems closer to the devices to manage data efficiently and reduce network load. This is particularly beneficial in situations with limited space or specific environmental constraints.
Edge computing allows us to bring the power and efficiency of data centers right to the source of data generation.
4. Cybersecurity Analysis and Remediation: Unlike our Network Analysis service, which focuses on mapping and optimizing infrastructure, Cybersecurity Analysis dives much deeper into the security aspects of both IT and OT systems. This service involves a comprehensive assessment of current cybersecurity measures, processes, and procedures.
We evaluate how user accounts are created and managed, the frequency and methods for applying security patches, the protocols for remote access, the management of firmware updates on OT devices, and the control of physical access points such as USB ports. This service is more specialized and detailed, focusing on preventing unauthorized access and ensuring robust security practices are in place.
5. OT Network Design and Deployment: We collaborate with both IT and OT to deploy new or upgraded systems, whether for new (greenfield) or existing (brownfield) facilities. For brownfield projects, we often work on intricate tasks such as changing systems without disrupting ongoing operations.
Imagine changing the engine of a car while it's still running—that's what we do with brownfield projects.
Alexander Canfield: What sets us apart is that we are not just another engineering company with automation engineers who happen to do some IT. We have dedicated, certified engineers who specialize in industrial IT/OT.
We have engineers on our team with the following certifications:
We’re the guy in your back pocket that you call when you're stuck. We’re the people you can call for help, planning, or issues. We're not just an add-on service; this is our primary focus. We excel at what we do, and we ensure that our solutions are not just implemented but are done correctly and efficiently.
As an example, one of our customers had a network where every switch was just taken out of the box and plugged in with no configuration. This caused the whole network to crash when certain connections were made. We stepped in, assessed the situation, and reconfigured the entire network to ensure stability and efficiency.
Alexander Canfield: In addition to individual team member certifications, we also follow globally recognized standards to ensure quality and security:
These standards are crucial for maintaining secure and efficient industrial systems. For instance, the Purdue model helps in segregating the network into different zones, enhancing security and manageability.
Alexander Canfield: Initially, we work with customers to identify their problems or desired solutions. We then collaborate with their IT, OT, and business groups to assess the current state of their infrastructure. From there, we develop a plan to achieve their business goals with excellence, ensuring all stakeholders are involved and informed throughout the process and acting as a go-between for IT and OT teams.
For instance, we had one customer who brought us in to work with their IT group to best replace aging server and network infrastructure. We worked with both groups to incorporate both IT standards for the server environment and cable labeling. We also helped the IT group understand the needs of OT network standards when choosing hardware and how that hardware benefited the entire network infrastructure. This kind of hands-on, detailed approach is what sets us apart.
Alexander Canfield: Our promise is to provide world-class industrial IT solutions for industrial challenges. With 92 years of cumulative experience and numerous IT/OT certifications among our team members, we have a proven track record of successful projects across small, medium, and large customers. We have engineers located in four different states (California, Michigan, Wisconsin, and Minnesota), which allows us to provide timely and efficient service.
We're not just an automation group acting like it can do industrial IT. We are the real deal. We are an IT group that is very experienced in OT environments.
At Cybertrol, we are committed to delivering robust industrial IT/OT solutions, with a strong focus on ensuring secure and seamless IT/OT convergence, recognizing its critical importance in today’s connected industrial environments. Our experienced team and adherence to global standards ensure that we deliver reliable, secure, and efficient solutions for our customers. Whether you're looking to analyze your network, deploy new infrastructure, or enhance your cybersecurity posture, Cybertrol has the expertise and commitment to help you succeed.
We are not just here to sell you a service; we are here to ensure your success.