OT/ICS Cybersecurity

DONGHOON Itech is carrying out various businesses such as security based on ICT consulting.

What is OT/ICS Cybersecurity Biz?

OT (Operational Technology) is an industrial operating technology environment, and it refers to a wide range of digital industrial areas including industrial control systems (ICS) as well as common areas connected or used with IT.
These areas include the country's critical infrastructure, which can be a major threat if stopped for even a second.
However, with the development of IT (Information Technology), advanced technologies such as cloud, big data, and the Internet of Things are pouring in like a wave, and the security threats to social infrastructure are getting bigger and bigger. In particular, medical, transportation, and nuclear power generation are fields that require more security because they are directly related to human life, and the OT/ICS cybersecurity business aims to eliminate and defend against these security threats.
Why do we need OT/ICS Cybersecurity Biz?
Due to the 4th industrial revolution, the winds of change are blowing in operational technology (OT) field such as national infrastructure and manufacturing. As ‘Smart X’ such as smart factories and smart cities is being promoted in earnest, new technologies such as big data and artificial intelligence are grafted and connected to 5G network, creating contact points between IT and OT fields.
However, this situation is creating a cyber threat. This is because the OT environment is also exposed to cyber threats as the contact point with the IT environment increases. In particular, as real OT system accidents such as ransomware cases have recently occurred in important semiconductor manufacturers and national industrial facilities, concerns and interests in OT security are increasing among organizations and companies.
What capabilities are included in the OT/ICS Cybersecurity Biz?

OT is different from IT in terms of vaccine, supporting technology lifetime, service, patch, application, equipment regeneration, emergency content, availability, security awareness, security test/audit, and physical security. You can only utilize it if you take the benefits into consideration and pay attention to security.

1. For vaccines, you should use specialized vaccines for each OT field, not general and broad vaccines used in IT.
Stuxnet, a worm virus that infects only Siemens' Industrial Automation Control System (PCS7) used in power facilities such as power plants, causes malfunctions or paralyzes the system. Stuxnet has infected 30,000 computers related to the Bushehr Nuclear Power Plant in Iran, as well as major social overhead capital facilities (SOCs) in China.

2. In the case of supporting technology lifetime, if technology is supported every 3 to 5 years in the IT field, various technical problems, SW security verification, and long-term research in the OT field must be accompanied. Because of this, it can take quite a long time, and a high level of security is required.

3. In the case of services, services can be used in general and extensively in IT, but in the case of OT, they are specialized for very limited services and the cost increases.

4. For patch application, it can be applied with regular updates in IT, but cannot and should never be applied until SW security verification is completed in OT. Therefore, it is slower to apply than IT, and patches must be applied according to the characteristics.

5. Fifth, in the case of equipment regeneration, a regular inspection can be performed on IT and inspection date can be scheduled, whereas OT is based on old hardware or software developed in the past and still in use, so it should be taken into account that there are many cases that it is not suitable for the recent security environment.

6. In case of emergency content, which is various information flowing through communication networks or broadcasting networks, delays in IT can be tolerated, but OT is fatal for safety.

7.In terms of availability, IT is also highly available, but since OT has to operate 24 hours a day, 365 days a year, its tests and inspections are very exceptionally possible. This is because the machine cannot be basically stopped working.

8. In terms of security awareness, in the case of IT, both the public and the private sector are aware of the importance of security, while those in the OT field generally have insufficient awareness of cyber security.

9. For security testing and auditing, the IT sector is tested and audited on a regular basis, whereas OT cannot stop working, so testing is only possible for a certain period of time.

10.In the case of physical security, OT-based infrastructure is specialized, and although the physical security system is well established, it is relatively exposed to risks due to negligence or carelessness.

What are the advantages of OT/ICS Cybersecurity Biz-related solutions handled by DONGHOON Itech?

Nozomi Networks security solution handled by DONGHOON Itech is positively leading the OT∙IoT security area and is well-received in the same industry for intuitive data visualization, advanced OT∙IoT threat detection technology, and rapid deployment.

In particular, it is controlling more than 2,300 and more than 3.4 million devices in a wide range of industries such as ▲energy ▲manufacturing ▲mining ▲transportation ▲utility ▲smart building ▲smart city. Nozomi Networks’ products cover the fields of IT, OT and IoT, and automate tasks such as asset status identification, data visualization and monitoring of industrial control networks based on artificial intelligence. It can be applied in various directions, such as improving business efficiency, managing assets, predicting maintenance work, etc.

How do OT/ICS cybersecurity related solutions handled by DONGHOON Itech help customers?
DONGHOON Itech's OT/ICS Cybersecurity Division recently started the OT/ICS Cybersecurity business based on its 20 years of IT security experience. DONGHOON Itech knows the difference between IT security and OT security better than any other security company and has a group of OT security experts in the industry. We will help you to provide services in the OC/ICS environment without a single security incident.