As industrial organizations continue to embrace change by integrating the latest technologies into their daily operations and production cycles, they have also been tasked with embracing remote and hybrid work environments – all while maintaining operational continuity.
Utilizing advanced technologies has enabled these organizations to reduce expenses, expedite production time, and elevate customer service levels. At the same time, the global pandemic has accelerated remote and hybrid operations that allow employees, contractors, consultants, and vendors to “operate on-site” from anywhere in the world and from a variety of digital devices.
Unfortunately, along with the many benefits of delivering new value and improving productivity through technology and shared operations come escalating OT security risks that can impact – and even severely harm – workers, reputations, and operations. Cyberattacks on OT systems are no longer a niche exploit and can be catastrophic. Today, no organization in the OT environment is immune.
Accelerating OT Infrastructure Targeting
OT infrastructure targeting has grown explosively in the past few years. IBM Security’s 2020 X-Force Threat Intelligence Index reports a 2000% increase in the number of events targeting OT assets since 2018. Even more daunting is the rapid evolution of OT attacks from immediate critical infrastructure disruption – such as the Colonial Pipeline ransomware attack – to attempts to cause physical harm, such as the hacking attempt on the Oldsmar, FL municipal water treatment network that sought to increase the sodium hydroxide in the water intake. The new reality is that today’s threat actors are targeting weaknesses in the OT environment through open ports, lack of proper OT network segmentation, lack of MFA on access points, and back doors opened by third-party vendors.
Recently, the technology research and consulting company Gartner predicted that the financial impact of OT attacks will reach $50 billion by 2023, including a variety of costs from insurance, regulatory fines, litigation, and compensation. They also forewarned that most CEOs would be personally liable for such incidents.
To combat the range of risks before an incident occurs, industrial organizations must adopt a forward-thinking OT security strategy that addresses these upward trends of the modern world.
Protecting Critical OT Assets
No longer can organizations wait to put processes, procedures, and technologies in place to protect their critical OT assets and remain secure and operational. Manufacturers, energy producers, utilities, and other organizations that deal with the public sector need to turn to a simple-to-deploy zero-trust access control platform with capabilities that include:
- Secure “clientless” browser-based multifactor authentication (MFA)
- Secure operational link for Industrial Internet of Things (IIoT)
- Role-based third-party vendor management
- Secure application access for monitoring and session logging
- Application screen recording for forensics and training
- Centralized management, visibility, and control of authorized user access
Securing OT Demands a Platform Approach
Since security considerations must extend beyond the on-premises system, a user access control and analytics platform is essential to mitigating the cyber risk and physical security gaps prevalent across the operating system, the network infrastructure, and the IIoT.
The development of a unified security strategy should also include asking the following questions to help identify and evaluate solutions that are simple, proven, and cost-effective:
- Does the vendor have a deep understanding of the nuances in cybersecurity, safety, and reliability challenges being faced by the OT industry?
- Does the vendor have an established ecosystem of strategic partners, technology alliance partners, and resellers committed to reducing risk, cutting costs, and improving public safety?
- Is the vendor able to implement robust and compliant network segmentation between IT and OT networks?
- Does the vendor offer a centralized management platform designed to provide a single point of management and a 360-degree view across all remote sites?
- Is the vendor able to meet even the most stringent compliance standards, including NIST 800-53, FIPS 140-2, and Risk Management Framework (RMF) guidelines?
Getting the answers to these and other essential questions will help guide critical infrastructure operators in taking the first steps toward improving their functional resilience and protecting their critical assets through a secure operational link between IT and OT.