By Peter Lund, Vice President of Product Management at OT security company Industrial Defender
As of February 2022, we’re already witnessing an increased focus on OT cybersecurity — and for good reason. The Biden Administration has announced a new plan to secure U.S. water systems from cyberattacks, an unfortunate signal that bad actors are targeting utilities and threatening what Americans typically view as guarantees. Water, gas, and electricity are all at risk of being contaminated, interfered with, or even halted, as was the case with the Colonial Pipeline ransomware attack.
Despite the imminent threats, I predict the below trends will help security professionals protect OT systems this year:
Reinforcing today’s standards of security
In 2022, we’ll see traditional managed security service providers offer OT services to stay at the forefront of the industry. This trend is already apparent with Deloitte’s recent acquisition of OT security provider aeSolutions.
Additionally, we’ll witness the return to basic hygiene and reliance on preventative controls over threat intelligence. Threat intelligence is a go-to strategy for many in the industry. However, knowing what bad actors exist has little benefit for enterprises if they don’t know if the doors and windows (firewalls and remote access) of their organization are locked. I would go as far as saying is many organizations still don’t know how many doors and windows they have. Taking a step back, 2022 will welcome a renewed focus on basic hygiene.
Introducing OT cybersecurity’s 2022 innovations
Security Orchestration, Automation and Response (SOAR) is standard practice in IT. As the year continues onward, we’ll see more OT cybersecurity experts lean on these guidelines within their own practice.
Additionally, OT passive monitoring solutions will need to expand active data collection capabilities. Many enterprises rely on outdated monitoring solutions that don’t account for real-time data collection. To better manage OT assets, it will be crucial to expand data collection capabilities.
Finally, Software Bills of Materials (SBOMs) will remain trendy, but adoption will lag because of OEMs. If the ongoing log4j vulnerability saga has taught us anything, it’s that SBOMs are not optional. Unfortunately, until we get buy-in from the major OEMs that supply the hardware and software that keep the lights on, customers and security vendors will be behind the eight-ball when it comes to data accuracy and integrity. Hopefully log4j will be a catalyst to get the industry to agree on a standard for publishing and sharing SBOM data.
Focusing on the big picture
As alternative energy sources gain prominence, we’ll see an increased focus on OT security for renewable energy sources, by and large renewables have been able to fly under the radar when it comes to regulations like NERC as well. As we become more and more reliant on renewables we need to ensure that they are protected, hopefully before a catastrophic event causes a widespread outage.
As more industries work to stay compliant, the U.S. government will simultaneously double down on the NIST Cybersecurity Framework for standard cybersecurity controls. In 2022, we can expect NIST to continue to provide additional updates and recommendations as it aims to standardize cybersecurity controls. The NIST Cybersecurity Framework is essential for enterprises looking to check its cybersecurity boxes.
Organizations have reason to be wary of cyberattacks in 2022, but security professionals can breathe a sigh of relief when tackling the year with a strategic, three-pronged approach. Enterprises must revisit basic hygiene measures, adopt the latest and greatest tools to stay protected, and remain focused on the big picture of what’s going on across the United States and in the industry as a whole. Bad actors are out to cause disruption, but organizations can stay protected with these tips and trends in mind.
About the Author
Peter has a strong technical and business background with over 15 years of experience working with and for IT and OT product companies. Over the last five years, Peter was instrumental in bringing new features to the market for Industrial Defender. In addition to his product management role, he utilizes a wide range of experience in application development, systems engineering, and marketing. Prior to working with Industrial Defender, Peter held roles at Dell EMC, Schneider Electric, and KVH Industries.