Digitalization helps reduce carbon emissions and increase efficiency. But it can also expose vulnerabilities in existing industrial operations. "We need to bridge the gap between security and operations teams," says Haakon Mørk, co-founder and CTO of Omny.
Mørk is leading the Product & Engineering team of a business that aims to do just that: provide large industrial players with the confidence to embark on and accelerate ambitious digitalization efforts. Often, such efforts are stalled or slowed because of fears of cyber attacks.
"We've been talking about the green and digital transition for years. Lots of actions need to be taken on an individual level, but the bulk of digital heavy lifting needs to happen in industrial environments. These are the large carbon emitters that need to deploy IT, both to optimize operations and cut emissions. But doing so will require them to expose their operational technology systems to the threat landscape that is the online world. This is where OT security becomes critical," says Mørk.
The future is connected
According to EU cybersecurity agency ENISA's Threat Landscape 2022 report, the number of cyber attacks in Europe has increased by 26% in 2022 compared to 2021 and cyber attacks specifically targeted at industrial or OT organizations increased significantly over the last year.
Even with the rising statistics, Omny's CTO believes that many more severe attacks on infrastructure occur but go unnoticed or are simply never reported or registered by the outside world.
"Companies either do not want to share that they have been attacked, or they have failed to identify that the system failure they had experienced was due to a cyber attack. Lack of reporting means others will be attacked by the same method. And lack of identification means you have an underlying weakness that only your adversary knows about," he explains.
"There are also internal coordination issues at play: the security team may observe a red flag and identify a potential attack but are unable to convey the urgency and severity to an operations team that do not have the same visibility or data. This can cause organizations to lose valuable time to act," Mørk adds.
Standing on the shoulders of giants
Omny is the outcome of a joint venture that bridges gaps in and of itself. Jointly owned by industrial behemoth Aker, telecoms multinational Telenor and industrial software scale-up Cognite, the company is building on several hundred years of experience from settings that put a premium on qualities like precision, efficiency and uptime.
Omny's solution maps the data flow for an industrial organization, offering a real-time understanding of how cyber risks are affecting operations. By understanding the system dependencies on critical functions, Omny helps cybersecurity teams prioritize incidents and communicate with operations teams effectively. It also adds confidence to organizations on compliance for new cybersecurity regulations, such as the EU cybersecurity directive NIS2 which was introduced in 2023.
Making digitalization safer for operational environments
"Pulling data out of operational technology networks can unlock value, both in production efficiencies and reduced emissions. This is the normal data that is used for controlling operational processes. Normally these OT networks haven’t been designed for security purposes. They've been designed more for resilience and availability of operations," Mørk explains.
He emphasizes that it is not the digitalization of industrial processes that creates new vulnerabilities.
“OT systems are designed and built to be safe and reliable, not to be secure. When OT systems are connected to IT systems, the vulnerabilities that were always there, are exposed. It means the more connected, the more you need to protect your inherently insecure OT systems in a granular way,” he adds.
The impact of a more uncertain world
Companies' awareness of the threats facing them when connecting more of their operations and infrastructure varies with the general threat level in their physical environments.
"If you are operating in a country where threat levels are higher, such as Ukraine, the Middle East, Israel or Iran, you expect to be targeted by nation-state actors. However, the risk level in the Nordics and NATO states has also dramatically increased in recent years. Nation-state actors are actively targeting operational technology and industrial infrastructure, as are criminals with pure monetary interests. Not every attack is attributable, and state actors may use criminals as a cover-up. As technology has evolved and more systems have been connected, the sophistication of such attacks continues to increase," says Mørk.
"For someone operating in, say, Norway, this reality was harder to imagine until recently – but these risks have clearly come closer and more acute with the current geopolitical environment," he adds.
OT security in practice
When IT and OT meet, companies unlock value through the benefit of digitalization efficiencies. When most of OT cyber risk comes from the IT side, it is important to be prepared and maintain a robust response capability.
"Enabling the cybersecurity team to communicate with operations, ensuring a common view of what risk level they are at when an alarm sounds, and knowing what operational systems it can impact – this is what bridging the IT-OT gap really means. Otherwise, these engineers don't speak the same language."
Want to know how Omny is bridging the IT/OT information gap?
