News

OT security should not be solely entrusted to IT department! What is the most effective method for preventing production interruptions caused by cyber-attacks?

May 15, 2024

Mitsubishi Electric Corporation and TXOne Networks entered into a collaboration agreement in December 2023 to bolster their security business for OT (operational technology) in sectors such as manufacturing sites. As a rapidly expanding entity in the OT security domain, TXOne brings considerable expertise to the partnership. Key representatives from both organizations will elaborate on the benefits of Mitsubishi Electric, who is the leading company in Factory Automation business, aligning with TXOne to provide customers with comprehensive OT security solutions, including invaluable insights and strategies for enhancing security measures.

 


Is the Manufacturing Site a “Jungle” for IT Teams?
Interdepartmental Barriers Faced in Strengthening OT Security

――Why did Mitsubishi Electric and TXOne Networks decide to collaborate to expand the OT security business?

 

Mr. Shibata
As cyber attacks continue to escalate in both frequency and complexity, numerous companies have proactively implemented measures to enhance their IT security infrastructure. With a heightened awareness of cybersecurity risks, organizations are now setting their sights on implementing comprehensive OT security measures.

 

Mr. Liu
The field of OT security has truly emerged in its early stages over the past few years, wouldn’t you agree?

 

Mr. ShibataThe push to strengthen OT security stems from both external and internal pressures, including the surge in cyber-attacks targeting OT systems and the corporate drive towards Digital Transformation (DX). However, despite this recognition of the importance of OT security, many companies find themselves grappling with uncertainty regarding where and how to begin.

 

――Wouldn’t everything work better if it were left to the information systems department and others with IT security measures in place?

 

Mr. ShibataImplementing OT security measures have inherent challenges.

Mitsubishi Electric, with ties to both IT and OT representatives, faces hurdles of the customers due to the IT team’s limited understanding of the actual conditions at manufacturing sites, this knowledge gap hampers the formulation of realistic OT security strategies.
Even when it comes to “high availability” (i.e., the ability to keep the system running = the ability to maintain on-site productivity), highly pursued by personnel for its role in maintaining on-site productivity, there’s uncertainty about the optimal level.

Conversely, OT personnel seasoned veterans with decades of hands-on experience, often lack expertise in security protocols. Compounding the issue, interdepartmental communication between IT and OT is typically lacking. This disconnects leave IT staff feeling overwhelmed, perceiving manufacturing sites as security “jungles” and distancing themselves from OT security initiatives.

 

Mr. Liu
The world of OT is highly fragmented, with diverse verticals often characterized by distinct environments. The environments of semiconductor, pharmaceutical, and automobile manufacturing sites differ in every way, including equipment and processes. Even within the same industry, the equipment configuration differs depending on the site. When it comes to enhancing security, it is natural that it is difficult to know where to start.

Further complicating matters is the “legacy” nature of the equipment used in the field. When I go to a client, I first ask, “Do you have any legacy machines?” “Of course we do.”

This also contributes to the difficulty of strengthening OT security.

 

It seems that there are unique difficulties in strengthening OT security. In the following pages, Mr. Shibata and Mr. Liu will explain the clear reasons why OT security measures should be regarded as an investment for corporate growth, as well as the perspectives and know-how required to maintain “operational continuity” in case of cyber attacks.

 


The reality of internal and external pressures to strengthen OT security.
Why should the cost of countermeasures be viewed as an “investment”?

――So legacy machines are a headache for strengthening OT security?

 

Mr. LiuMany sites have 20- or 30-year-old equipment running on unsupported Windows operating systems and other operating systems. These legacy devices are more vulnerable to cyber attacks when security patches are not available, and “protecting legacy machines” has become an extremely important issue for most companies.

The IT department, which replaces the latest PCs every three to five years, may be tempted to think that it is more reasonable to replace equipment as needed and rebuild the system if a solid security system is to be put in place.

But in terms of semiconductor manufacturing equipment, each unit is expensive, costing several hundred million to several tens of billions of yen, and equipment is not something that can be easily replaced. Besides, according to a 2022 survey conducted by TXOne of 300 large companies in Japan, the U.S., and Germany, 47% of all companies responded that they had such experiences that the virus came with the new equipment. New equipment does not necessarily prevent cyber-attacks on OT.

 

 

 

――The more I hear, the more difficult it seems to strengthen OT security. Nevertheless, why are more and more companies now embarking on full-scale OT security measures? Is it because the external and internal pressures that Mr. Shibata mentioned earlier are so strong?

 

Mr. ShibataIndeed, the evolving landscape of cyber attackers constitutes the primary external pressure.

Attack methods continuously advancing in sophistication, resulting in several instances where production and shipments were temporarily disrupted due to attacks on manufacturing sites, like in the case of semiconductor and automobile industries.

In response to this heightened threat environment, standards and guidelines have also been developed to mitigate OT security risks and enhance resilience against cyber attacks.

 

Mr. LiuThere are a variety of standards and guidelines, including international, industry, and national standards. For example, in the semiconductor industry, SEMI E187 serves as a cybersecurity standard for chip foundries ensuring that semiconductor manufacturing tool vendors deliver secure equipment without hidden malwares.

 

Mr. ShibataThis dynamic will inevitably compel equipment manufacturers, especially, to adhere to standards and guidelines. Failure to comply could result in their exclusion from the supply chain, leading to loss of orders and market share.

Conversely, internal pressures stem from a growing inclination within companies to advance Digital Transformation (DX) and Internet of Things (IoT) initiatives.

A decade ago, OT systems were separated in silos, distinct from IT systems, within closed environment.

However, the emergence of “connected factories,” where diverse devices communicate via the Internet, has gained momentum. Nonetheless, this connectivity presents heightened vulnerabilities to cyber-attacks on OT systems. Consequently, more companies are intensifying efforts to fortify OT security, driven by both DX and IoT considerations.

It’s imperative to shift the perception of OT security measures from a mere cost to an essential investment for sustainable corporate growth.

Achieving both availability and enhanced security requires close collaboration between IT and OT teams, with a focus on implementing appropriate measures to safeguard operations effectively.

 

 

 

――So, what benefits does the collaboration between Mitsubishi Electric and TXOne bring to companies seeking to take OT security measures that integrate IT and OT?


OT security cannot be achieved without collaboration!
The Fundamental Reason Why Mitsubishi Electric and TXOne Teamed Up

 

Mr. ShibataThrough the collaboration, Mitsubishi Electric and TXOne have consolidated their expertise to offer comprehensive OT security solutions.

The collaboration empowers Mitsubishi Electric to offer detailed and integrated support, spanning assessment, monitoring, protection, and supply of OT security solutions, thereby enhancing the resilience and security posture of industrial operations.

 

Mr. LiuMitsubishi Electric has accumulated expertise in both OT and IT. Mitsubishi Electric has a strong presence in industrial equipment such as PLC, Servo Motors, and other factory automation control devices, and has a large share of the global market. By combining Mitsubishi Electric’s knowledge with TXOne’s OT security expertise, we expect to be able to develop useful OT security solutions that combine productivity and efficiency with safety. In turn, we expect to be able to improve the security level of industrial equipment itself.

 

Mr. ShibataComparing the relationship between IT and OT to a cross-sectional diagram of the ocean provides a vivid analogy, with the aerial area above the sea surface represents the realm of IT, while the underwater area symbolizes the domain of OT. Security measures traditionally originate from the aerial IT domain and gradually descend towards the underwater OT domain. Many companies have successfully extended their security measures to the near-underwater portion of the sea, where a blend of IT knowledge and basic OT understanding suffices. For instance, security measures for computers involved in production planning may fall into this category. However, to secure devices like PLCs and robots in the deep sea, a profound understanding of these OT devices becomes indispensable. Close collaboration with TXOne Networks holds significant value in this context. TXOne brings deep-rooted expertise in OT security, particularly in the semiconductor and manufacturing industries.

Their involvement in formulating standards like SEMI E187 with TSMC underscores their industry leadership. This rich expertise and experience make TXOne an invaluable partner in navigating the complexities of OT security.

 

Mr. LiuTo begin with, OT security measures cannot be accomplished without collaboration.

Twenty-five years ago, implementing IT security measures often involved simply installing a firewall and anti-virus software. Nowadays, a large enterprise may, on average, employ 50-60 different cybersecurity solutions to safeguard the organization given its complexity. Due to the increased convergence of IT and OT, the world of OT has become more fragmented, making defense more challenging. We believe that this has led to an expansion in the scope of security measures and an increase in their sophistication.

 

――Indeed, the landscape of OT security is undergoing a significant shift in its foundational assumptions. The emergence of the “zero-trust” challenges this assumption by adopting a stance of pervasive skepticism and constant verification. In essence, nothing within the network is automatically trusted, and all information assets, regardless of their origin or location, are subjected to rigorous scrutiny and validation.

 

Mr. LiuThe manufacturing floor is also undergoing a transformation, with demands for things such as virtual machine security.

Whatever the case may be, the need for complete security measures has arisen to include not only the CISO, but also the plant manager, as well as the opinions of external suppliers and security company personnel.

OT security measures are no longer a simple matter of someone having all the answers. Therefore, in Europe and the United States, multiple companies are collaborating to solve security challenges. In Germany, CSSA (Cyber Security Sharing & Analytics) was established in 2002. Currently, 16 companies are members of CSSA, sharing their knowledge with each other. We believe that this collaboration between Mitsubishi Electric and TXOne is a significant initiative that could serve as an opportunity for similar collaborations in Japan.

 

Mr. ShibataCollaboration indeed stands as the cornerstone of OT security. We have initiated cooperative efforts with a dedicated focus not only for the semiconductor and automotive industries, which serve as our primary target markets, but also various sectors like social infrastructure and Building Automation sectors. Our objective is to utilize the strong partnerships and jointly implement proactive security measures tailored to the unique requirements of these sectors.

 

※Published on 2024/02/21, Diamond Online

TXOne image
TXOne Networks

Need Assistance with OT Security ?

Our team is here to assist with OT security challenges and provide guidance on implementing effective solutions.​