Thanksgiving – when families get together and express gratitude for everything they have over some food and hopefully some football. For most families and especially security teams, this is a time for looking back to evaluate the past year and to give thanks for how far we’ve come. 

Looking back at the past 12 months, it was a challenging year for the OT security community, as the industry was bombarded with an increasing number of successful ransomware attacks on industrial and critical infrastructure organizations. Instead of highlighting the attacks, we believe it's better to focus on the different aspects of OT security that we are truly thankful for.

Here at SCADAfence, we are grateful for all the effort and innovation put in by our team and the collective OT security community. The sleepless nights and ongoing devotion to improving OT network visibility and security for industrial organizations are something everyone can be thankful for this Thanksgiving.

From the increasing awareness of IT-OT convergence to the US Government emphasizing the security risks that relate to OT environments, 2021 is a clear example that OT security is headed in the right direction and gaining awareness among board members and C-level executives worldwide.

As we look at last year and move forward, here are the 5 reasons why we are thankful for OT security. 

IT-OT Convergence

Just like on Thanksgiving, some family members might not see eye to eye at first but by the end of the night, everyone is happy and in agreement. This yearly experience is very relatable for security experts in IT and OT teams as they need to work together when it comes to the responsibility of OT security and converging networks.  

Up until recently, IT and OT teams rarely worked together as OT security teams were not in charge of advanced threats and IT security. With the advancement of operational technology and the adoption of industrial IoT devices, the need to converge IT and OT networks and systems is becoming more popular by the day with industrial organizations. 

With the increasing use of IP-based communications with OT devices, IT and OT teams face a bigger challenge in understanding who is in charge of securing OT systems, and this has created a cultural divide between teams. Technical barriers and a lack of clear ownership are the key reasons IT and OT teams are less open to working together. As awareness of this challenge grows, we are seeing more organizations invest in technologies and governance platforms to ensure improved collaboration, as they see that proper IT-OT convergence is a crucial aspect of their cyber security program.

Similar to families making up at the end of the Thanksgiving dinner, when IT and OT teams both come to the mutual table to wine and dine, it can result in improved visibility and transparency for an organization's complete network security. At SCADAfence we have seen many of our customers adopt a seamless IT-OT convergence approach, including one of the leading oil and gas organizations, which is experiencing complete network visibility into all 71 of its global production sites.

OT Detection & Response

As industrial organizations become more interconnected, they potentially have more exposure to vulnerabilities. The high cost of industrial equipment and the damage to communities and economies that an attack could cause are key factors for organizations that are looking to protect their industrial networks. In addition, aging legacy equipment in factories, safety regulations that forbid any modifications being made to equipment, and industry compliance regulations have created quite the challenge for OT teams.

Despite all of this, it is possible to secure industrial networks without disturbing regular operations and without risking non-compliance. By using OT security solutions that provide continuous threat detection and establishing the right security policies, OT security teams can put an effective OT strategy in place that will protect their organization’s processes, people and profit while significantly reducing security incidents and vulnerabilities.

Asset Inventory Management 

Effective cyber security in OT requires a deep foundation of asset information. Until recently, OT teams didn't have the resources or tools to maintain such an asset inventory. When organizations don't deploy asset inventory management within an OT environment, they create a major visibility hole, as they won't know the security status of their environments.

In some cases, industrial organizations will create only a simplified asset inventory to detect the data for security tasks. Organizations need to change their approach to asset inventory management and see it as the foundation of their OT security program.

When detecting new vulnerabilities in OT networks and devices, organizations rely on their asset inventory to decide the severity of the vulnerability, how to patch the device and how it affects their environments. With an automated asset inventory, industrial organizations will increase the productivity and efficiency of their OT teams by quickly managing their asset data to detect and protect their environments all in one dashboard.

Governance and Compliance 

Compliance regulations in OT are another aspect for security leaders to be thankful for, as they are crucial for the security and production of industrial organizations. In recent years, there has been a growing demand for standards and guidelines to manage the risk exposure of OT infrastructures. IT and OT departments, which typically manage the cyber security standards across the organization, are now required to monitor compliance with these standards across the various OT locations. On the other hand, the information provided today by the various IT tools is dispersed and technical in nature. This makes translating it into risks and prioritizing actionable mitigations very challenging and time-consuming.

Organizations need to automate the governance processes with a solution that enables the IT and OT departments to centrally define and monitor adherence to organizational policies and to OT-related regulations. The solution should be configured and managed from a central location and should aggregate compliance information from all sites in the organization. It should also connect to other security systems, providing a cross-organizational, comprehensive compliance posture.

OT Remote Access

Industrial organizations have undergone an evolution: where most OT environments were once isolated systems, most OT systems are now connected to the internet. This is occurring because organizations are deploying new technology that allows increased remote access management of OT systems.

Providing remote access to OT systems creates an advantage for industrial organizations, but it also comes with more risks. Increasing the connectivity of OT systems and devices to the internet can result in exploitation via cyber attacks. The constant increase of attacks on critical infrastructure and the convergence of IT and OT systems have quickly increased the adoption of remote access security in critical infrastructures and industrial organizations.

To fight off remote access security risks within OT environments, organizations need to deploy OT security solutions that come integrated with remote access features specifically designed for OT environments. Deploying an OT security platform that integrates remote access security without requiring any changes in network architecture will ensure that the OT systems are properly configured to detect and correlate remote user activity and to detect any malicious network activity.

Lastly, all of us at SCADAfence would like to thank our readers. It’s a privilege to share our passion for a subject with fellow security-minded folks. We wish everyone who’s celebrating a safe and happy Thanksgiving!