IT specialist IBM and OT (Operational Technology) expert ABB have announced a collaboration. The aim is to link cybersecurity and operational technology. As a first result of the collaboration, ABB has developed a new OT Security Event Monitoring Service, which combines ABB's know-how in the field of process control systems with IBM's expertise in monitoring security events. The monitoring service is designed to help improve cyber security for industrial companies.

Increasing networking leads to new security requirements

Due to increasing networking and the constant convergence of IT and OT, industrial control systems are increasingly becoming the target of cyberattacks. The latest X-Force Threat Intelligence Index from IBM shows that attacks on industrial and production facilities have increased by over 2,000% since 2018.
ABB has developed the new service to better link OT data with the general IT security system. This enables security events from ABB to be forwarded to QRadar, a platform for managing security data and incidents from IBM.

The new service was developed as a result of a reference architecture created jointly by ABB and IBM. This provides the necessary know-how to react quickly to security incidents in connection with process control. Data from event logs from process control systems are registered using a special data collection and forwarding technology and transmitted to the IBM Security QRadar. This uses automation and artificial intelligence to help detect security-relevant anomalies and potential threats. The software that enables the integration is currently being used by early adopter customers and will be made available to other customers by ABB in the coming months.

First customers test

"The integrated solutions provide a unique view of OT security by combining market-leading expertise," said Dr. Andreas Kühmichel, CTO, Chemicals, Petroleum & Industrial Products at IBM. "Greater visibility into OT and IT security can help reduce the risk of production disruptions due to security incidents. This prevents costly downtime and a general threat to the company."

The technologies from ABB and IBM that underpin the solution are developed on open platforms. Therefore, they can be deployed at the network edge and in hybrid cloud environments that include on-premise IT, private clouds or public clouds. The joint solution is designed to automate security processes without disrupting industrial workflows. Security analysis in QRadar is performed via a library of use cases that automatically flags incidents and triggers corresponding alarms.

ABB and IBM plan to continue their collaboration in the area of OT security to develop new capabilities and offerings to help customers address their challenges in this area.