Knowledge OT Security – An Essential for Overseas Locations and Factories: Introduction to Risks and Specific Countermeasures（1/3）～OT security risks at overseas locations and factories～

OT (Operational Technology) security refers to security measures designed to protect industrial control systems, known as OT systems. The importance of OT security has been influenced by the rapid progress of digitization and the shift to smart factories. Conventional OT systems are built and operated based on the design concepts from the time of factory establishment and are not designed with security as a top priority. As a result, many factories continue to operate legacy systems designed more than 10 years ago, and security vulnerabilities have become a significant issue.

In addition, the integration of IT and OT systems is accelerating due to the recent shift towards digitalization and smart factories. However, as supply chain systems become connected to cloud services, various devices are networked, leading to a surge in cyber security risks.

From a risk management perspective, OT security measures are essential to protect companies and production facilities from attacks that target system and OS vulnerabilities.

To achieve OT security, it is necessary to understand the risk factors unique to overseas locations and OT environments.

In an OT environment (factory), the availability of the production system is of utmost importance, so unlike in an IT environment, it is difficult to respond quickly in the event of a cyber-attack, and there is a risk of increased costs due to system outages. 

In environments where availability is critical, it is not uncommon for older OSs and systems to continue in use, making it challenging to apply the latest security patches. This can result in unchecked vulnerabilities, leading to unrecognized security risks.

Many legacy systems that have been in use for many years are not up to date with the latest cybersecurity standards. If they continue to operate without resolving vulnerabilities, they become easy targets for cyber-attacks and can lead to severe damage, such as being used as entry points for attacks targeting headquarters.

In addition, many OT systems are not designed for network connectivity and may not be able to utilize current IT security tools as they are. For example, indirect methods such as virtual patching must be used to address vulnerabilities.

OT systems provide real-time control and monitoring, so system delays and failures can seriously affect safety as well as the entire production line. For example, system delays caused by cyber-attacks can directly impact people's safety, especially if the control systems of power grids and transportation infrastructure are attacked.

Uniquely designed systems based on each country's laws and regulations can undermine consistency in OT security.

Headquarters need to bridge the gap between global standards and the situation at each location while considering the security measures and standards required at each location.

Cyberattacks on OT systems at individual sites can potentially spread throughout the entire supply chain. Particularly in supply chains where interactions with business partners are the primary focus, there is a risk of significant impact not only on that company but also on others.  

For example, in the case of an incident at an automotive company, a major supplier was the target of a cyber-attack that halted production at all its plants because they were connected through the supply chain system.  

To minimize risks, it is essential to establish a rapid response system and continuously update devices and systems connected to the supply chain to keep them up to date.