Page 111 - Cyber Defense eMagazine June 2020 Edition
P. 111

It’s clear that as these vulnerabilities grow, manufacturing and industrial leaders must devote greater
            attention to securing their environments.

            A Different Approach to OT Security


            Industrial  and  manufacturing  organizations  need  a  security  strategy  that  is  specifically  tailored  to  all
            devices  across  OT  and  IT  environments.  This  approach  could  better  protect  essential  tools  and
            processes with the following focus areas:



              •    Agentless. Most OT enterprise IoT devices, such as SCADA systems, PLC’s, RTU’s, HMI’s and
                   engineering workstations, cannot accommodate security agents, so a security strategy should be
                   able to function without relying on these agents. 


              •    Passive. A security strategy that uses network scans or probes can disrupt or even crash OT
                   devices, which would interfere with important industrial control operations like plant operations. A
                   strong system should be able to function using only passive technologies. 


              •    Comprehensive  security  controls.  A  security  strategy  designed  to  mitigate  risks  in  an  OT
                   environment should have the same outcomes as one designed for IT devices. These outcomes
                   are listed in security frameworks such as the NIST Cybersecurity Framework (CSF) or the Center
                   for Internet Security Critical Security Controls (CSC). In the IT world, this typically requires the
                   use of several different security tools. For the OT environment, it would be desirable to obtain
                   comprehensive coverage of the required security controls using as few tools as possible.


              •    Comprehensive  device  coverage.  A  comprehensive  security  strategy  will  encompass  all
                   managed, unmanaged or industrial IoT devices in the enterprise—from the manufacturing floor to
                   the executive suite—because in an interconnected environment, you can’t secure OT unless you
                   secure IT along with it. The security platform should work for all types and brands of industrial
                   control  systems,  along  with  other  kinds  of  devices  common  to  the  enterprise  such  as  HVAC
                   systems,  IP  security  cameras,  fire  alarm  systems,  building  access  management  systems,
                   switches, firewalls, wireless access points, printers, and more.





            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         111
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   106   107   108   109   110   111   112   113   114   115   116