NTT’s OT/IoT cybersecurity practice boasts a team of 130+ experts around the globe
In January, Japanese telecommunication company NTT released it’s monthly threat report from the NTT Global Threat Intelligence Center. The regular dispatch covers a wide range of topics including the latest threats, vulnerabilities, security technologies, patterns and new methods used by threat actors, as well as industry-related security issues.
That month, it covered cybersecurity for industrial control systems. Operational technology has increasingly become a prime target for cyber attacks. According to NTT, activist groups, individuals, criminal organizations and others are targeting OT and critical infrastructure in a variety of sectors on a daily basis.
OT cybersecurity remains a somewhat fledgling sector, but as more organizations in oil and gas production, mining, manufacturing, and transport begin to experience the effects of these devastating attacks, it’s importance couldn’t be clearer.
“Our customers are becoming more and more aware of how critical this is and why it is important,” says Zhanwei Chan, Global Practice Director of OT/IoT Cybersecurity for NTT.
NTT is one of the world’s leading technology services companies. Three years ago, they began offering OT cybersecurity services to help customers combat the growing threat to industrial environments. Today, NTT’s OT/IoT cybersecurity practice boasts a team of 130+ experts around the globe and partnerships with some of the industry’s leading security solution providers.
NTT’s OT/IoT cybersecurity practice helps organizations develop strategies for managing and monitoring security risks in industrial networks. The company operates 10 SOCs globally across the Asia/Pacific, European and North American regions.
NTT offers OT/IoT security services in five areas. The first is consulting to help organizations plan for OT cybersecurity. This includes assessment, vulnerability discovery, and asset discovery. Additionally, NTT helps clients with network segmentation, anomaly and threat detection, endpoint protection and secure remote access.
“There’s a whole bunch of connected assets in industrial environments that do not have visibility and are not secure,” Chan says. “Visibility and understanding is a big problem. Most OT networks were built 20 or 30 years ago. How do you secure a system that’s 30 years old? You can’t patch it. You can’t update it.”
Chan’s team excels in understanding both the IT and OT side of cybersecurity. One of the reasons for the rise in attacks on industrial environments is that OT and IT have become increasingly intertwined. According to NTT, the majority of attacks on OT start in IT, and as air-gapped OT networks continue to disappear, the trend can only continue.
“A lot of malware comes from the IT side and it moves into the OT side. So if you’re only protecting the OT side of the house, you will be blind,” Chan says. “What we’re trying to do is protect both the IT and OT side of the house. We’re trying to protect the entire organization.
“One of the biggest challenges is that both the IT team and the OT team are not aligned. Cybersecurity is usually an existing team in IT. But OT and IT do not talk.”
Chan says the convergence of OT and IT and the consequences it can manifest can be seen in the 2013 Target data breach that impacted an estimated 70 million consumers.
“Target outsourced the management of their air conditioning to a third party. What the hacker did is they hacked the third party, came in through the air conditioning’s network connection,” Chan says. “That is an example of where OT and IT has started to converge and how users have been exposed.”
However, when OT is compromised it can have consequences well beyond lost data. A cyber attack in industrial environments, such as manufacturing floors, can result in lost revenue and even loss of life.
“If the factory floor goes down, you can lose an average of $1 million per day. That’s critical. There’s a financial impact,” Chan says. “The biggest challenge in manufacturing is when you have malware you’ll be down for at least a week.
“There have been quite a few cases in Germany. There was a steel manufacturer whose furnace was hacked. It got so hot because they couldn’t control the temperature anymore so they had to perform a shutdown. It takes a very long time to shut down and it takes a very long time to ramp up. So that’s downtime.”
To help organizations protect themselves from such attacks, NTT’s OT/IoT cybersecurity practice has been partnering with a number of security solutions providers.
In April, the company announced a new partnership with Tanium Inc., an endpoint security and systems management company. Through the partnership the two companies will provide secure solutions for IT, IoT and OT environments. Specifically, NTT and Tanium will provide near real-time visibility into computing devices, equipment and systems and provide secure management solutions for smart technology.
“NTT supports promoting the digital transformation of companies around the world toward the realization of the Smart World,” NTT CEO Jun Sawada said in a press release. “We believe that this future strategic partnership will accelerate the efforts of the Smart World by combining Tanium’s cutting-edge device management technology with NTT’s advanced security technology and operational capabilities. Going forward, Tanium and NTT plan to further collaborate to contribute to the realization of a smart, safe and secure society using ICT for social issues in all fields.”
And in May, the company announced a new partnership with CyberX to deliver specialized managed security services for IoT/OT networks. For more information, read the solution brief here.