OT Security is an Increasing Area of Focus

Author

Raja Ukil

Read Time

3 Minutes

Last Updated

Jun 11, 2024

table of contents

I was on the road for the last 30 days or so, first attending the RSA Conference 2024 in San Francisco and then visiting different cities to meet some of our existing customers. 

What stood out during RSAC and in customer conversations with Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) across Manufacturing, Pharma, Energy, Healthcare, and City Councils was the immense interest in Operational Technology (OT) and Internet of Things (IoT) security. I was extremely curious to find out what was driving this interest. Reflecting on these conversations, I identified some major drivers: 

  1. Rapid Adoption of Industry 4.0 and the Slow Death of the Purdue Model: Everyone wants more data from manufacturing plants, and the factory network is finally opening up to the internet, significantly increasing the attack surface. 
  2. CISOs Taking Ownership of Cybersecurity in Manufacturing: CISOs are now responsible for cybersecurity in the manufacturing space. 
  3. IT and Security Management in Manufacturing Plants: Previously, Manufacturing IT was controlled by the Manufacturing IT organization, which did not report to the CIO. As a result, processes and policies adopted in the IT space were not in place in manufacturing plants. The main focus of Manufacturing IT was to ensure that plant operations never went down, thus maintaining productivity and employee health and safety. 
  4. Adopting Newer Compliance Standards: There is a growing need to adopt compliance standards like IEC 62443. 
  5. Healthcare and Pharma Industry Specific Use Cases: In the healthcare provider space, there is a need for medical device protection and security in lab environments, which have minimal governance from an IT perspective. This also applies to the pharma industry and the protection of HVAC systems. Critical hospital infrastructure like operation theatres could be compromised if HVAC systems are breached. 

Developing an OT/IoT/IIoT Cybersecurity Blueprint 

Despite the high interest, actual progress on OT security is minimal, and CISOs are looking forward to suggestions from the tech and consulting industry. 

First, there is an urgent need to develop an OT/IoT/Industrial Internet of Things (IIoT) cybersecurity blueprint to help these organizations develop a roadmap for achieving a mature cybersecurity posture. This blueprint should also overlay possible technology solutions to address various aspects of OT security. 

Priority Areas to Address 

  1. Establishing a mature Configuration Management Database (CMDB). 
  2. Identifying vulnerabilities in OT assets periodically. Remediation is complex as many OT equipment are proprietary and often operate on very old legacy software and operating systems. 
  3. Overlaying threat intelligence. 
  4. Establishing an OT Security Operations Center (SOC) for threat detection. Remediation is complex as it involves programming new rules on switches and other network infrastructure, which can potentially impact manufacturing operations. 
  5. Implementing segmentation as recommended in IEC 62443. This prevents lateral movement and is critical given the limitations in implementing Endpoint Detection and Response (EDR) solutions in restricted and legacy environments. 
  6. Securing third-party access to OT environments.

But There‚Äôs a Political Angle 

  1. Who will fund the initiative, and where will the budget come from? 
  2. Who owns the execution of these cybersecurity measures? 
  3. What benefits would manufacturing leaders get from an elaborate cybersecurity investment? 

There is no straightforward answer, and it might vary from organization to organization. However, the encouraging aspect is that organizations are waking up to this new reality and considering major initiatives and investments in this area. 

How ColorTokens Can Help 

At ColorTokens, we microsegment OT, IoT, and IIoT environments in a completely non-intrusive, progressive manner and quantify risk reduction over time. Our platform-based solutions enable us to microsegment customers’ environments end-to-end, spanning both IT and OT environments. 

Please reach out to us to help address your IT and OT microsegmentation requirements. Our team of experts can work with you to craft the OT security roadmap. Our existing customers will be happy to engage in a conversation with you and walk you through their journey.