3 Ways Effective OT Security Enables Your Business

OT Networks Are Often a Black Box for Security Teams and Don’t Have the Telemetry to See and Monitor Industrial Environments

Every company in the world relies on operational technology (OT) networks. For nearly half of the Fortune 2000 – in industries including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage – these networks are critical components to their business. The rest rely on OT networks to run their office infrastructure – lights, elevators, and datacenter infrastructure.

Adversaries understand the importance of these networks and have attacked them boldly to create widespread havoc, as in the case of WannaCry and NotPetya. They also know how to manipulate them in more subtle ways that would not be immediately observable but could erode public trust, for example by disrupting production of the top pharmaceutical companies to create shortages of medications, or by tampering with the industrial machines responsible for logistics at our largest transportation hubs to bring commerce to a standstill.

The more important OT networks are to your business, the more essential effective OT security is to the success of your operations. In fact, it enables your business in three important ways: 1) protecting “business as usual,” 2) reducing risk from digital transformation, and 3) securing remote access. Let’s explore these further.

1. Protect business as usual

For organizations whose OT networks are the lifeblood of their business, revenue is generated and customers’ lives are improved when those systems are up and running. Any risk that threatens availability and uptime can have significant financial impact when systems must be shut down and restarted. Attacks can also be devised to put product delivery at risk, creating undesirable changes in a product in many different ways, such as tampering with machinery to change recipes, or contaminating water supplies used in the production process. Finally, and most importantly, OT environments often include safety systems to protect people inside or near the facility in case of machinery malfunctions. A compromise of these systems could have devastating effects on the lives of workers, their families and local communities.

Action: The OT network has been a blind spot for IT security professionals for decades, but now the urgency to address the IT-OT security gap is escalating. Because OT networks have no modern security controls, you have an opportunity to design a security program from scratch – without having to worry about existing security technology. You can prioritize the most important use cases and focus on gaining full visibility into your OT environment. With granular details of all assets, sessions, processes, and corresponding risk levels, you can identify threats in the network to mitigate risk and assure continued operations of critical processes.

2. Reduce risk from digital transformation

Digital transformation is here to stay and is good for business. Connecting OT networks to IT systems for automation and inputs has unlocked tremendous business value – enabling improvements in operations efficiencies, performance, and quality of service. Recently, the move to digital has accelerated as companies transition more of their operations online to create a new normal and prepare for a post-pandemic future. As enterprises continue to increase connectivity between their OT and IT networks, many are finding that accurately identifying – much less reducing – risk in their industrial environments is exceedingly complex and resource-intensive largely due to fundamental differences between OT and IT.

Action: As a security professional, chances are you’ve worked hard and made strategic investments to build a strong cybersecurity foundation on the IT side to support your company’s digital initiatives. Now you have an opportunity to do the same on the OT side by using the differences between OT and IT networks to your advantage. OT networks are designed to communicate and share much more information than is typically available from IT components – the software version they are running, firmware, serial numbers, and more. As such, OT network traffic provides all the security information you need to monitor for threats. With a solution that you can quickly implement for asset visibility and continuous threat monitoring, you can start to close the IT-OT security gap.

3. Secure remote access

Network administrators of OT networks need to provide secure remote access to more workers than ever. In addition to manufacturers who typically have contracts to service machines remotely, they have an influx of new users they need to support. Any employee who previously worked onsite, for example on the manufacturing shop floor, but is now working outside the facility, needs online access so they can continue to do their jobs. Third-party contractors who previously provided specialty services like production optimization also now need remote access to relevant equipment to support their contract and keep production lines running smoothly.

Action: In times like these, where every organization is reducing staff on site, the need to safeguard OT networks from threats introduced via unmanaged and unmonitored access by remote users, including employees and third-party vendors, is increased. Consider solutions that provide granularity of control, the ability to audit access, and additional levels of security, such as password vaulting and secure file transfer, so you can mitigate risk.

Despite their ubiquity, OT networks are often a black box for security teams; they simply don’t have the telemetry to see and monitor these environments. When your core business operations, digital transformation initiatives and workers’ ability to do their jobs are at risk, effective OT security must become just as ubiquitous. It is what enables your business to move forward and realize its full potential.

Written By

Galina Antova is the Co-founder and Chief Business Development Officer at Claroty. Prior to that, she was the Global Head of Industrial Security Services at Siemens, overseeing development of its services that protect industrial customers against cyber-attacks. She was also responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services for industrial control systems operators. Previously, Ms. Antova was with IBM Canada, with roles in the Provisioning and Cloud Solutions business. She holds a BS in Computer Science from York University in Toronto, and an MBA from the International Institute of Management and Development (IMD) in Lausanne, Switzerland.
