Operational Technology (OT) security involves safeguarding critical infrastructure and industrial control systems in industries such as energy, transportation, and manufacturing. The primary objective of OT security is to defend against cyberattacks that can endanger the safety, reliability and efficiency of these systems, resulting in physical harm, downtimes, and financial damages.
OT security has gained increase relevance due to the continuous integration of OT systems with Information Technology (IT) systems, which handle the management of information and data. To ensure the security of these integrated systems, it is essential to implement dedicated OT security policies, without the bias of the IT security practice.
This is why OT security practitioners rely on OT security standards such as IEC 62443, NIST 800-82 and ANSSI instead of only IT standards such as ISO27001, which focus on data protection. Even then, the number of attacks that disable or shut down industrial systems has risen dramatically in recent years. In 2021, of 64 incidents reported in OT networks, 22 were cyber attacks with physical consequences. These attacks represent a 144% increase over such incidents in 2020.
OT security is best aligned with physical risks and best focussed on securing physical operations. The deteriorating threat environment has sparked the emergence of new methodologies and practices for OT security. One such approach is Secure Operations Technology (SEC-OT), which places a strong emphasis on securing physical operations. The methodology offers practical guidelines for protecting networks critical to control, limiting the impact of cyber-attacks by monitoring and managing information flows between IT and OT, and identifying residual risks by assessing attack types and consequences that are not reliably defeated by current security measures.
Another new strategy, still in its infancy, is the National Cyber-informed engineering (CIE) strategy announced by the US Department of Energy. The goal of this strategy is to harness the expertise of engineers in industrial systems to minimize the risk posed by an intelligent adversary. The focus is on engineering-grade solutions to managing cyber risk to physical operations, rather than adding IT-driven tools after the fact to OT systems to try to mitigate risks to some lesser degree.
Finally, Unidirectional Gateways are playing a crucial role in the domains of OT security and cybersecurity engineering. The gateways are widely adopted in OT security plans to establish strong segmentation for industrial control networks in various industries, including power generation, rail systems, and petrochemical pipelines. In contrast to firewalls, which only reduce the impact of attacks, Unidirectional Gateways completely eliminate the threat of external cyberattacks like targeted ransomware.
And if at any time you would like an update on the latest Unidirectional Gateway developments, please use the form below to request a free consultation with one of Waterfall’s unidirectional technologies experts:
Industrial network monitoring and intrusion detection tend to start at the highest level networks – the ones closest to the IT network. Ron Fabella, CTO and Co-Founder of Synsaber joins us to look at the problem the other way around – at how important and how useful it is to monitor our lowest level networks – the edge networks closest to the physical process.
The Industrial Security podcast features guests with a wide range of perspectives. This play list collects a handful of episodes on the theme of OT security monitoring
Missed the latest SANS webinar on OT security monitoring, with Andrew Ginter? Catch up now and watch the full recording here
The essence of today’s OT security problem is that the data-centric, IT-class protections are simply not enough for operational security and control system security needs. A cyber breach to physical processes and powerful tools can have disastrous consequences. Preventing misuse and protecting correct control is the goal of OT security. Read the new post by Courtney Schneider, Cyber Policy Research Manager at Waterfall Security
In a recent Industrial Security podcast, Patrick Miller was asked about IT vs OT approaches to security. He replied, “We’ve always characterized it in terms of OT and IT … [but] …going forward it’s just T.” And he’s right – at least at the higher levels of most control system architectures. Most higher-level systems at most industrial sites – systems such as process historians, HMI workstations and even communications front ends – these systems all run on Windows. Not just Windows, these systems often use SQL Server databases, use other common infrastructure applications and communicate via TCP and SSL/TLS encryption.
English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ
