According to Gartner, by 2025, 75% of OT (Operational Technology) security solutions will be interoperable with IT security solutions and delivered via multifunction platforms.
The OT sector includes industrial control systems (ICS) that use technologies such as SCADA to monitor and control physical processes – pressure gauges, conveyor belts, gas and water valves, and more. Efforts to bring more industrial systems online for big data and smart analytics are replacing isolated OT infrastructure with modern, connected IT systems. This comes at the price of heightened risk and new vulnerabilities: the same digitalization that delivers operational efficiency, performance and quality of service also opens security gaps that threat actors are actively targeting.
Industries face the challenge of planning and executing the transition that IT/OT convergence requires. Recent incidents involving high-capability actors, such as the publicized intrusion at Wolf Creek Nuclear Operating Corp, serve as warning signs for many. That campaign targeted Wolf Creek and other companies in the nuclear and wider energy sector; investigators reported no impact on operational systems, but it showed how directly the sector is in the crosshairs.
With the energy, oil and gas industries especially exposed to security threats, they are moving towards high-assurance approaches. This has also pushed governments in various countries to formalize new guidelines for the security of critical infrastructure, since no single standardized security norm exists.
Securing OT Networks
IT systems now consume ever more data from OT systems, and proactive action is needed to strengthen the cybersecurity of both. It is crucial to enforce network segmentation that controls access to critical OT systems, and to complement it with OT network anomaly detection. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) both provide situational awareness for detecting potential attacks; the difference is that an IDS only alerts, while an IPS also blocks traffic inline.
That difference matters in OT: a false positive on an IPS blocks genuine traffic, and in a control network a dropped command or sensor reading can lead to physical damage and/or a safety impact. Passive, alert-only monitoring is therefore the usual starting point, with inline blocking reserved for traffic that is unambiguously illegitimate.
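As an added example (not code from the original article or from any product it mentions), the following Python script shows the alert-only monitoring style described above: it learns a per-PLC baseline of which hosts issue which Modbus function codes from a learning-phase log, then flags later flows that fall outside that baseline without ever dropping them. The log format, host addresses and the two log samples are constructed for this example.

```python
"""Passive, alert-only anomaly monitor for an OT network segment (added example).

Learns a baseline of (source host, Modbus function code) per PLC from a
learning-phase log, then reports deviations in a later log. Nothing is ever
blocked: a false positive that drops a legitimate write could halt a process,
so the monitor's only action is "alert". Log format and addresses are assumed.
"""
from collections import defaultdict

# Constructed sample log lines: "<timestamp> <src_ip> -> <dst_ip> fc=<function code>"
LEARNING_PHASE = """\
2021-07-01T08:00:00 10.10.1.20 -> 10.10.2.5 fc=3
2021-07-01T08:00:01 10.10.1.20 -> 10.10.2.5 fc=4
2021-07-01T08:00:02 10.10.1.20 -> 10.10.2.6 fc=3
2021-07-01T08:00:03 10.10.1.21 -> 10.10.2.5 fc=3
"""

DETECTION_PHASE = """\
2021-07-02T09:15:00 10.10.1.20 -> 10.10.2.5 fc=3
2021-07-02T09:15:01 10.10.1.30 -> 10.10.2.5 fc=16
2021-07-02T09:15:02 10.10.1.20 -> 10.10.2.6 fc=6
2021-07-02T09:15:03 10.10.1.21 -> 10.10.2.5 fc=3
"""

# Standard Modbus function codes that change PLC state (coils/registers);
# a deviation using one of these is rated higher than an unexpected read.
WRITE_FUNCTION_CODES = {5, 6, 15, 16, 22, 23}


def parse_line(line):
    """Split one constructed log line into its fields."""
    ts, src, _arrow, dst, fc_field = line.split()
    return {"ts": ts, "src": src, "dst": dst, "fc": int(fc_field.split("=", 1)[1])}


def learn_baseline(log_text):
    """Map each PLC (destination) to the set of (source, function code) pairs seen."""
    baseline = defaultdict(set)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        baseline[rec["dst"]].add((rec["src"], rec["fc"]))
    return baseline


def monitor(log_text, baseline):
    """Alert-only detection: return a list of alerts; no flow is ever dropped."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        known = baseline.get(rec["dst"], set())
        if (rec["src"], rec["fc"]) in known:
            continue  # matches the learned baseline for this PLC
        known_sources = {src for src, _ in known}
        reason = ("unknown source host" if rec["src"] not in known_sources
                  else "new function code from known host")
        severity = "high" if rec["fc"] in WRITE_FUNCTION_CODES else "medium"
        alerts.append({"ts": rec["ts"], "src": rec["src"], "dst": rec["dst"],
                       "fc": rec["fc"], "severity": severity, "reason": reason,
                       "action": "alert"})  # never "drop" in a passive monitor
    return alerts


if __name__ == "__main__":
    base = learn_baseline(LEARNING_PHASE)
    for alert in monitor(DETECTION_PHASE, base):
        print(alert)
```

Run against the constructed detection-phase log, the monitor raises two alerts: a write (function code 16) from a host the PLC has never seen, and a write (function code 6) from a known engineering host that had previously only read from that PLC. Both are left for an operator to triage, which is the behaviour you want until the baseline is trusted enough to justify inline blocking.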
In a 2019 survey of the oil and gas industry by Ernst & Young Global (EY), 87% of respondents said they did not fully understand the implications of their new cyber protection policies and strategies.
What is needed is a holistic approach that moves beyond isolated, point-solution security devices: an integrated, broad and automated security system that monitors lateral (east-west) traffic, detects threats across the whole environment and protects modern OT networks. Most importantly, OT administrators must be educated about these new systems, their areas of exposure and the available security measures.
How To Keep Up – Best Practices
A recent McKinsey & Company survey projected that the number of IoT-connected devices would reach 43 billion by 2023. Yet adoption of OT security products remains moderate, and not many organizations are keen to commit resources to security. Awareness is the first step towards action. Let's look at the key measures required for the cybersecurity of your OT environment.
Continuous Cycle of Improvement
The security and management gap between IT and OT environments stems from policies and service agreements that do not extend to OT. Legacy OT networks are the most sensitive environments to protect: as they are gradually migrated away from older systems, they carry a mix of diverse endpoints and unpatched equipment that was never designed to be networked.
Securing these networks demands continuous and persistent improvement. To build a sustainable cybersecurity pipeline, organizations need to assess the current state of their systems and adopt solutions based on their specific needs.
Employing a robust security platform to monitor and protect key systems leads to mature security practices and minimizes exposure.
Implement Zero-Trust Policies
Begin by understanding your risks, then implement Zero Trust security policies per device. Zero Trust means verifying every entity before it is allowed onto the network: devices, applications and users are not trusted by default, even if they were verified earlier, and every request is checked against explicit policy. This minimizes exposure from day one and avoids months of manual policy configuration on a trust-by-default network.
The "never trust, always verify" approach has gained momentum as remote working continues and organizations struggle to keep pace with digital transformation. Starting from a default-deny posture also makes it easier to add policies later, since any communication not explicitly permitted is already blocked at the OT devices.
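As an added example (not code from the original article or from any vendor it names), the following Python script contrasts a per-request, default-deny policy decision point with the "authenticate once, then trust the session" behaviour of a typical remote-access gateway. Devices are identified by certificate fingerprint rather than IP address, each request is checked against the device's current posture and an explicit per-device rule, and revoking a device takes effect on its very next request. Device names, fingerprints, PLC names and the policy table are assumptions made for this example.

```python
"""Per-request, default-deny policy decision point for an OT segment (added example).

Contrasts the Zero Trust path (every request verified from scratch) with a
legacy session path (trust persists after one successful check). Device
names, fingerprints, destinations and rules are assumed for illustration.
"""
from dataclasses import dataclass


@dataclass
class Device:
    name: str
    fingerprint: str        # identity is the device certificate, not its IP
    posture_ok: bool = True  # e.g. endpoint agent healthy, patch level met
    revoked: bool = False


@dataclass(frozen=True)
class Request:
    fingerprint: str
    dst: str
    protocol: str
    operation: str


class PolicyDecisionPoint:
    def __init__(self, devices, policy):
        self.devices = {d.fingerprint: d for d in devices}
        self.policy = policy                 # device name -> set of (dst, protocol, operation)
        self._trusted_sessions = set()       # used only by the legacy path

    def verify(self, req):
        """Full check of identity, posture and explicit rule. Anything unlisted is denied."""
        dev = self.devices.get(req.fingerprint)
        if dev is None or dev.revoked:
            return False, "unknown or revoked device identity"
        if not dev.posture_ok:
            return False, f"{dev.name}: posture check failed"
        if (req.dst, req.protocol, req.operation) not in self.policy.get(dev.name, set()):
            return False, f"{dev.name}: no explicit rule for {req.operation} {req.protocol} to {req.dst}"
        return True, f"{dev.name}: allowed by explicit rule"

    def zero_trust(self, req):
        """Never trust, always verify: a prior allow buys nothing."""
        return self.verify(req)

    def legacy_session(self, req):
        """Authenticate once, then trust the session: the model the text warns about."""
        if req.fingerprint in self._trusted_sessions:
            return True, "trusted session (no re-check)"
        ok, why = self.verify(req)
        if ok:
            self._trusted_sessions.add(req.fingerprint)
        return ok, why


def build_demo():
    """Constructed inventory and per-device policy."""
    devices = [Device("eng-ws-01", "sha256:aa11"),      # engineering workstation
               Device("hmi-02", "sha256:bb22"),         # operator HMI
               Device("vendor-laptop", "sha256:cc33")]  # contractor, no standing access
    policy = {
        "eng-ws-01": {("plc-05", "modbus", "read"), ("plc-05", "modbus", "write")},
        "hmi-02": {("plc-05", "modbus", "read")},
    }
    return PolicyDecisionPoint(devices, policy)


def run_scenario(pdp, mode):
    """Same three-step scenario under either mode; returns the allow/deny outcomes."""
    decide = pdp.zero_trust if mode == "zero_trust" else pdp.legacy_session
    write = Request("sha256:aa11", "plc-05", "modbus", "write")
    results = [decide(write)[0]]                       # 1: healthy workstation writes to PLC
    pdp.devices["sha256:aa11"].revoked = True          # operator revokes the workstation's cert
    results.append(decide(write)[0])                   # 2: identical request after revocation
    vendor_read = Request("sha256:cc33", "plc-05", "modbus", "read")
    results.append(decide(vendor_read)[0])             # 3: vendor laptop with no rule
    return results


if __name__ == "__main__":
    print("zero trust:", run_scenario(build_demo(), "zero_trust"))
    print("legacy    :", run_scenario(build_demo(), "legacy"))
```

Under the Zero Trust path the scenario yields allow, deny, deny: the revoked workstation is cut off on its next request and the vendor laptop never gets in because no rule names it. Under the legacy session path the revoked workstation keeps writing to the PLC, because the gateway stopped checking after the first success. That second outcome is exactly the gap a default-deny, per-request policy closes.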
Robust Credential Management Strategies
The recent growth in remote access via VPNs and other remote access technologies has increased risk, because a VPN typically grants network-level access and lacks granular, per-resource access control; inside an OT network this is dangerous. VPNs cannot monitor or record privileged user sessions, and so can undermine the security fabric of sensitive environments.
Similarly, poor password practices are widespread, and organizations need to acknowledge the need for an enterprise-grade privileged credential management solution. It is essential to have full control over system and application access through live session management, and to eliminate embedded and default passwords.
The energy, oil and gas sectors are highly sensitive and cannot afford these risks. An integrated approach to identifying and isolating vulnerabilities is the key for OT managers and critical infrastructure owners. While companies across the globe are reluctant to leave their silos and traditional systems, malicious actors are a step ahead. The frequency of OT-focused threats has escalated, and so should our efforts to strengthen our networks and systems.
Join the Cyber Security for Critical Assets USA Summit for sessions such as Critical Infrastructure at Risk – Anatomy of an OT Breach and more, and gain insights from experts sharing OT cybersecurity best practices. The 2-day hybrid event, taking place in Houston on 16th & 17th September 2021, will introduce you to cyber leaders from DHS, the American Gas Association, Covestro, Fluor and others, and help you review the latest technological advances available to guard your operations against unacceptable and unimaginable threats.
Critical infrastructure security leaders are invited to join the physical event for FREE using the code: MYVIP
Faced with travel restrictions or prefer to attend virtually?
Save 25% on your virtual pass as part of our early bird special until July 31st.
Book now at: usa.cs4ca.com/register/

