Facility managers and logistics operators have reached a tipping point in operational technology cybersecurity (OT security). Although the tools necessary to properly secure facilities exist, challenges remain across manufacturing, pharmaceuticals, food and beverage, and other sectors in line with NIS2 and other directives.
The reality is that early-stage companies, and even some more mature companies, struggle to obtain the quality data they need to make important decisions about budgeting and resource allocation. It still remains. While it’s easier said than done, he says there are two areas team leaders can focus on to have the biggest impact. One is by obtaining better activity of network traffic, and the other is by integrating activity and relying on integration to collect data from secondary and peripheral network activity.
network activity
Modern OT network operators are tasked with integrating a large number of devices, from machines to sensors, monitors, and numerous OT devices. While many of these assets are designed to share data, others do not, creating gaps in the information known on the network.
Implementing tools that capture and record all network traffic allows personnel to understand the complete threat picture without having to worry about making each device interoperable with other devices. This data can be corroborated with what’s happening at other facilities, so teams can move beyond just checking regulatory checkboxes and put resources into using trusted data to secure their operational crown jewels. can be concentrated.
|
Integration for efficiency
A list of network restrictions is closely related to understanding overall network activity.
Practitioners should maintain documentation of access to switches that collect traffic flows on the network, as well as firewalls and a list of users or devices that are granted elevated access. The challenge is to conduct a network-wide audit to obtain this critical information when machines cannot be taken offline for review due to a variety of factors, such as always-on machines or business continuity activities. Therefore, such a network-wide review is best performed when new machinery is installed, a new OT security system is introduced, or during regularly scheduled downtime.
It’s no secret that performing these assessments manually has gone from being a tedious task to being downright impossible. Due to the large amount of data passing through the network at any given time, and the vulnerabilities and mitigations applied to each device, any assessments conducted become obsolete almost instantly.
Therefore, this approach should include continuous or regularly scheduled network assessments that can be performed in parallel with previously scheduled network threat assessments.
Data quality at scale
Obtaining high-quality data for a single institution is difficult. But what if you want to collect data across dozens of facilities across regions?
Internal teams or third-party vendors must incorporate the varying depth and breadth of data needed to score the entire network and the individual facilities that connect to it. Without this, it is impossible to understand the true risks each facility poses. Even though 49 facilities are low-risk, if one high-risk facility also happens to manage production for a company’s most critical product line, the organization remains vulnerable to cybersecurity threats. It’s still there.
The reality is that team leaders and OT security professionals are overwhelmed with all the tools they need to monitor their networks, while facing the same challenge of understaffing, resulting in increased demand for personnel. It is increasing.
For this reason, companies should not only carefully consider the platforms they use for OT security, but also the integrations offered. By leveraging these integrations that already exist within the platform to conduct risk assessments at scale, CISOs can save time and money without demanding large budgets from executives.
Iran Bardaco-founder and CEO radi flow
Promote your webinar with ITWIRE
It’s all about webinars.
Marketing budgets are now focused on webinars combined with lead generation.
If you want to promote your webinar, we recommend running your campaign at least 3-4 weeks before the event.
The iTWire campaign includes extensive advertising on the news site itwire.com and prominent newsletter promotions https://itwire.com/itwire-update.html and promotional news and editorials. Additionally, video interviews of featured speakers on iTWire TV https://www.youtube.com/c/iTWireTV/videos will be used in promotional posts on the iTWire homepage.
iTWire is currently emerging from lockdown. iTWire focuses on supporting webinars and campaigns with partial payments and extensions, webinar business booster packs, and other support programs. In addition to creating advertisements and written content, we can also coordinate video interviews.
We look forward to discussing your campaign goals. Click the button below.
Click here for details!