If you are the person in your organization responsible for securing an OT network, you are probably feeling very popular these days. Your inbox is no doubt full of emails inviting you to ‘hop on a call’ or ‘download now’ or ‘schedule a demo’, each one promising the best OT cyber security solution. There’s an absolute glut of options right now, and the choices are growing at a rapid pace. What’s a CISO to do? What options are the most important? What features do you look for in a comprehensive OT solution?
Gartner’s Advice for Securing OT and Cyber Physical Systems
Gartner, a leading technology analyst firm, recently released two research documents advising organizations on how to craft a strategy for implementing OT security and securing Cyber Physical Systems. Both documents advise Security and Risk Management leaders that now is the time to fully assess their security posture to determine their current vulnerabilities, review the options for upgrading and enhancing their security, carry out a POC, and select a vendor to work with.
Gartner expects companies will prioritize OT security in the next several years. Their assumption is that “Through 2025, 70% of companies will deploy cyber-physical systems protection platforms as the first step in their asset-centric security journey.”
They emphasize the evolution of OT security, in four stages, from completely isolated air-gapped systems, which relied on ‘security by obscurity,’ through partially connected OT systems, the beginning of retrofitted systems, to the current fully integrated ‘born connected’ systems.
The Rise of Cyber Physical Systems, and the Need To Protect Them
The first of Gartner’s research documents, “Innovation Insight for Cyber Physical Systems Protection Platforms,” suggests that a change in approach is needed as the industry continues to mature and integrate.
“Cyber Physical Systems” is a relatively new term in the industry. It refers to a network of physical devices that are guided and controlled by computers, often including human interfaces as well. Robots, smart buildings, and autonomous vehicles are all examples of cyber physical systems (CPS).
As Gartner explains, “A CPS protection platform is a security solution that automates CPS asset discovery, and adds a range of security-related features to improve the risk posture of CPS.”
As Gartner correctly points out, you can't protect something if you don’t know it exists. So any adequate OT protection platform will begin with asset scanning and detection to create a detailed picture of the network. It should also offer ongoing visibility into the OT network. This is not a simple feat: there are a seemingly endless number of device manufacturers and hundreds of protocols in use, and a complete inventory needs to be able to identify them all.
There are almost 30 security features Gartner suggests you look for in a comprehensive solution, including patch prioritization, scoring of risks based on asset criticality, CVE information, customized dashboard views, customized threat intelligence, robust integrations with other vendors, ease and speed of deployment, and of course, top rated support.
Choosing an OT Security Solution
Gartner’s second recent white paper, “Market Guide for Operational Technology Security,” reinforces many of the points made in the Innovation Insight paper and places even more emphasis on the changing landscape of OT technology. As networks increase in size, the attack surface expands, making them a larger target for threat actors. Additionally, the number of reported vulnerabilities is growing, and OT cybersecurity skills remain in short supply. (For more on that, read The 2022 State Of Operational Technology report).
The good news is that most organizations are already aware of the need to shore up their OT cybersecurity readiness. According to Gartner, fully 81% of organizations are well past the awareness and firefighting phases of their cybersecurity journey and up to the decision making stage manageability.
Gartner again suggests that SRM leaders should start by assessing where they are on the OT security journey, and create a full detailed inventory of all the assets used by the organization. Then, they should evaluate the available solutions and choose a vendor. Gartner includes a long list of questions to ask potential vendors. The bottom line is that a comprehensive OT solution should provide full visibility across the OT network, while also alerting on any potential security vulnerabilities.
SCADAfence OT Security: The Complete Solution
According to Gartner, the range of added-on features is what differentiates a lesser platform from one offering real, comprehensive OT security.
While SCADAfence is included as a representative vendor in both documents, the fact is that SCADAfence is the only company that fully meets all of Gartner's suggestions for a comprehensive OT cybersecurity solution.
In Innovation Insight, Gartner includes in their list of necessary security features, “Secure remote access for employees and third parties.” SCADAfence is the only platform to offer a secure remote access solution without requiring additional architecture changes.
A low false positive rate is also an important aspect of a Cyber Physical System security solution. Gartner emphasizes that it is important to “Fine tune the CPS protection platform to minimize false positives.” SCADAfence is 40% better than competing OT security solutions at detecting possible threats without false positives.
Speed of deployment is another feature that Gartner encourages companies to consider when selecting the best security solution. Gartner says it is ideal if “deployment can be done in a matter of hours.” The SCADAfence Platform baselines in less than 24 hours. We’ve fully deployed as many as 53 sites in less than three weeks.
Finally, Gartner makes recommendations regarding governance and compliance, suggesting that one of the questions to ask potential vendors is, “Do you offer a compliance reporting solution? To internally developed policies? To standards?” SCADAfence offers a complete Governance Portal that helps organizations increase readiness and compliance for policies and regulations.
If you have any additional questions about the SCADAfence Platform, or want to see it in action, request a demo today.