OT Security Critical to Protect India

Rajneesh De, Consulting Editor, APAC News Network

The India Operational Technology (OT) Security market is growing in significant proportions due to the growing convergence of the IT and OT systems.  While IoT adoptions are on the rise, many of these fail due to lack of synchronization in securing the IT and OT systems. There are quite a few cybersecurity players offering IT security, but not so many offering OT security. Things are changing though as the OT security market gradually grows in India. 

As India Inc. increasingly adopts smart manufacturing and critical infrastructure becomes more connected, the need to secure the different OT systems becomes paramount. The threat of cyberattacks targeting industrial systems is very much real today. And that has severe repercussions leading to significant disruptions and safety concerns.

 Additionally, several government initiatives to enhance the cybersecurity posture of critical infrastructure, including power grids and manufacturing plants, have boosted the adoption of OT security solutions. The increasing complexity of the different OT environments, along with a growing number of IoT devices in the industrial settings, has also accelerated the demand for robust OT security.

Sizing the OT Security Market

The Indian OT security market is currently sized at Rs 9,462 crore in 2023 and is expected to reach Rs 14,258 crore by 2029 at a CAGR of 7.11%. Contrast this with the global numbers. The global OT security market is expected to grow from $17.9 billion in 2023 to $38.2 billion by 2028 at a CAGR of 16.3% over this period. 

OT security involves myriad technologies, processes, and policies designed to identify and mitigate threats to operational technology systems. This includes network segmentation, access control, intrusion detection, and incident response planning. In recent years, OT security is assuming more critical proportions as an increasing number of industrial control systems are getting connected to the Internet and other networks. This has increased the risk of cyber-attacks that could potentially disrupt critical infrastructure and cause widespread damage. This has led to a growing focus on improving OT security through increased investment, collaboration, and best practices.

Drivers for the OT Security Market

Rising adoption of cloud-based OT security industry solutions and the surge in the integration of government initiatives in security standards are also drivers of the OT security market. The growing demand for cyber threat modeling solutions is also fueling the growth of the OT security market. However, the lack of trained security staff to analyze OT security systems as well as the high installation cost of OT security solutions is somewhat limiting the market growth. Nevertheless the rise in IIoT connectivity between industrial operations and the internet and increased WFH is anticipated to provide numerous opportunities for the expansion of the OT security market.

Increasing adoption of cloud-based OT security solutions  

Cloud-based OT security solutions offer scalability, flexibility, & cost-effectiveness and help enterprises to manage OT security in a more streamlined and centralized manner. The inherent features associated with cloud-based OT solutions contribute to the increased installation of operational technology security market in India.

The integration of cloud-based solutions also allows enterprises to collect and analyze security data from several OT & IT systems, including logs, network traffic, and security alerts, in a centralized cloud-based platform. Cloud-based Security Information and Event Management (SIEM) solutions provide real-time visibility and threat detection and can help enterprises respond to security incidents more quickly and effectively. These multiple benefits offered by cloud-based OT security solutions are boosting demand in the market. 

Moreover, several private and public companies are continuously involved in promoting digitalization in security operations and maintenance, as digitalization has become a necessary step in managing security operations and maintaining safety. For instance, in October 2021, Orca Security raised a fund of $550 million, led by Temasek, which focused on extending the transformation of the cloud security industry. Such investment pooling in the digitalization of the security solution is anticipated to fuel the demand for cloud-based OT security solutions, which in turn, augments the market growth on a global scale. 

Government Initiatives on Security Standards 

Government in India like others around the world are increasingly recognizing the importance of OT security and taking steps to promote the adoption of OT security solutions including regulations & standards, funding & grants, and public-private partnerships. There is increasing focus on regulations and standards to ensure that critical infrastructure systems are protected from cyber threats. ICS and SCADA systems often used in critical infrastructure domains like oil and gas, power and water utilities, transportation and manufacturing are often vulnerable to cyber attacks leading to operational downtime, physical damage and even loss of life.

The Indian government’s emphasis on OT security has prospered through initiatives and centers such as Cyber Surakshit Bharat, CERT-IN and Cyber Crime Co-ordination Center (I4C). These are aimed at enhancing the cyber security postures of the critical infrastructure sectors. The National Critical Infrastructure Protection Center (NCIPC) has initiated measures to protect critical information infrastructure, raise awareness about critical vulnerabilities as well as defend against cyber terrorism and cyberwarfare.

Digital Capabilities of Security Solutions

Some of the key digital capabilities that can be leveraged for OT security include cybersecurity analytics, IIoT and secure communication protocols. Digital capabilities can enable the development of advanced analytics tools that identify and analyze potential cyber threats in OT systems. These tools can use ML algorithms to detect anomalous behavior and identify potential security breaches in advance. 

IIoT devices can also monitor OT systems and detect potential security threats by collecting data from various sensors and transmit it to a central system for analysis, enabling CISOs to quickly identify and respond to potential threats. Digital capabilities can also be used to develop secure communication protocols for OT systems to prevent unauthorized access to OT systems and ensure that data transmitted between systems is encrypted and secure. 

End-User Adoption in Enterprises

End user adoption is a critical factor in the success of any OT security solution. There is a need to involve end users in the development of the OT security solution to ensure that the solution meets their needs and is easy to use. The OT security solution needs to be as user-friendly as possible. One must provide clear and concise instructions, intuitive interfaces, and training materials to help end users understand how to use the solution. The enterprises must educate end users on the risks associated with cyber-attacks on OT systems to help protect the organization to increase the adoption of OT security solutions. 

There is the need to establish clear security policies and procedures that end users must follow when using OT systems. This will help ensure that end users understand their responsibilities when it comes to OT security and can help prevent security breaches caused by human error. Thus, these help to ensure that end users adopt and use OT security solutions effectively, helping to protect critical infrastructure from cyber threats.

Analyzing Key OT Security Players

The major market OT security market players in India include infrastrucrure solution providers like Rockwell, Honeywell, Schneider, Emerson, ABB as well as cybersecurity vendors like Fortinet, Forcepoint, Trellix, Checkpoint among others. 

Honeywell Forge Cybersecurity+ | Cyber Insights is the OT security solution from Honeywell. The solution assists customers in improving the availability, reliability and safety of their industrial control systems and operations. Cyber Insights is designed to integrate information from multiple OT data sources in order to provide the enterprise with actionable insights into their cybersecurity vulnerabilities and threats. This allows the CISO to manage the enterprise compliance strategy, thereby helping reduce their overall cybersecurity risks.

Honeywell has developed a three-pronged strategy around its OT security solution. The first is to collaborate with the overall industry ecosystem including other technology providers and integrators to enterprises and government agencies. This collaboration is to build awareness, provide education, share best practices, and accelerate the development and adoption of cybersecurity. The second is to create and acquire new technologies and bundle them into existing cyber security offerings as part of Honeywell Connected Plant initiative. The third is through the CoEs which are designed to help industrial manufacturers. 

Rockwell Automation has partnered with Fortinet to provide powerful cybersecurity protection to global customers through the convergence of advanced networking and security capabilities. The Fortinet partnership with Rockwell helps enterprises securely navigate their digital transformation journeys. The collaboration support ssecure connected organizations by reducing the exposure to cyber threats and help them centralize visibility and management of their security architecture. Rockwell’s acquisition of Verve is another step in this direction. The Verve Security Center platform enables real-time asset inventory, vulnerability management, and risk remediation.

Schneider has strategically partnered with Bitsight to develop a global OT Risk Identification and Threat Intelligence capability. The goal of this collaboration is to strengthen industrial security and provide more visibility into Industrial infrastructure and ICS devices that may be at risk from a cyber breach. 

Schneider has also launched a Managed Security Services (MSS) offering to help customers in OT environments address the increased cyber risk associated with the demand for remote access and connectivity technologies. Powered by Schneider’s Cybersecurity Connected Service Hub (CCSH), this offering provides  flexible services to monitor cyber threats and proactively respond on behalf of customers.

Fortinet provides a proactive and transformative approach to OT security with the Fortinet Security Fabric. The Fortinet Security Fabric enables multiple OT security technologies to work together across IT and OT environments instead of disparate point products operating in silos. The solution covers the entire converged IT-OT network to close OT security gaps, deliver full visibility, and provide simplified management.

Also Read More –

• Tenable to power Wärtsilä with its OT Security solution