
How Organizations can Secure their OT Environment through 6 Point Framework

by CISOCONNECT Bureau

Since the OT assets continue to be vulnerable due to legacy issues, a different strategy is required to secure the OT systems.

The energy and industrial sectors have already begun to embrace digital transformation. Newer technologies are being adopted by businesses to increase efficiencies, manage supply chains, and enable remote operations. While technology has significant advantages in terms of improving time to market, it is also critical to achieving the sustainability vision.

However, cyber threats come along with digital transformation. Various industries, as well as the entire spectrum of critical infrastructure, are being targeted by cybercriminals, threat actors, and state-sponsored hacktivists. Operational Technology (OT) has become a profitable target for both state and non-state actors, as attacks on it can disrupt operations, damage equipment, endanger lives, and put economies at risk. As a result, securing these technologies and improving resilience have become a national security and safety concern.

The cyber vulnerability of OT systems is increasing because of legacy systems, a lack of effective network segmentation, a lack of robust governance, security policies, and monitoring, and insecure remote access. Since OT assets have a long life cycle and some security vulnerabilities persist owing to legacy issues, a different approach to securing and monitoring these systems is required.

Santosh Jinugu, Executive Director, Deloitte India, said, “For the industrial and energy sectors, both the internal and external environment are changing rapidly. Driven by the imperative to transform their businesses, run efficiently, and support decarbonisation, digital transformation is expected to become mainstream. At the same time, the geo-political environment is getting complex, which also brings critical OT systems in the radar of bad threat actors. OT systems are, by and large, complex, and so are the repercussions of a cyber-attack. It is important to have a robust strategy in place to secure these OT systems, and not let cyber risks become an impediment in the adoption of Industry 4.0 and the whole gamut of next-gen technologies.”

The Deloitte report discusses a six-point framework that can be considered by organisations to secure their OT environment:

1. In-depth security assessment to establish the security posture: Amidst greenfield or brownfield digital projects, a comprehensive security assessment helps understand security maturity levels and existing gaps. Moreover, it provides visibility on asset inventory across levels – field devices, process controls, supervisory, and enterprise IT network. This helps understand the current security levels and put the right OT security process and roadmap in place.

2. Security processes, protocols, and controls: Following IEC 62443 standards (Cybersecurity for Industrial Control Systems) across policies, management, industrial IT, products, and components is important. Security considerations include, but are not limited to, designing a secure network segmentation model and secure remote access, as well as managing privileged access, data backup, and passive monitoring for visibility of networked assets and activity. Any digital programme or third-party collaboration must have a “security-by-design” and “resilient-by-design” approach to be able to successfully mitigate risks. For products, systems, and the development lifecycle, third-party assurance certifications complying with standards such as IEC 62443-4 are imperative. Periodic risk and vulnerability assessments and audits can help take the right step towards bolstering security, while providing the required security assurance.

3. 24×7 monitoring via a robust next-gen IT-OT security operations centre (SOC)/threat intelligence centre: As both the environments integrate, it is pragmatic to have a common IT-OT SOC, using specialised OT security solutions that help in asset identification, visibility, anomaly detection, and monitoring. Having custom OT specific playbooks, use cases, and a common SOC empowers security teams to effectively join the dots and respond faster to threats.

4. Incident response and cyber crisis management plan for the OT environment: Formulating a cyber incident response and cyber crisis management plan is imperative. The plan must undergo regular reviews by the board and others. The plan should address various scenarios affecting OT systems, including emerging threats and attacks such as ransomware. Industries should also focus on having table-top exercises for executives to prepare them for various scenarios.

5. Awareness and training: Training and awareness are among the crucial aspects of an OT cybersecurity strategy. They help create an in-house team of OT security specialists (for example, with expertise in PLC testing and infrastructure testing) or provide awareness and hygiene training to employees who operate systems. Training is also important to create a security-first mindset to ensure that cybersecurity remains a key tenet of Industry 4.0 implementation within an organisation. This can also help prevent Shadow IT, which becomes a pain point in the effective management of security.
