Weekly Briefing: 10/28/24
From Silos to Synergy: A Zero Trust Approach to IT/OT Security
Trevor Dearing, Director of Critical Infrastructure Solutions at Illumio
I spend quite a bit of time talking to security leaders about their operational technology (OT) security. I find that they usually fall into three categories:
I understand all three groups’ perspectives and see merits in each approach. But one commonality between them is room for better communication and collaboration between their IT and OT teams. I think Zero Trust can fill this gap.
Industry 4.0: Smart everything
First, it’s important to understand the state of OT security. It’s evolved since just a few years ago.
Today, more and more businesses are building smart factories, smart grids, and even smart warehouses. Machines are connected to the cloud, data center, or even the internet. You have to worry about your supply chain’s security just as much as your own.
Industry 4.0 helps make processes more efficient, less hands-on, and faster. But as we connect more machines and processes, they start looking a lot like IT systems. With that comes all the vulnerabilities we already know about in IT – but in a space that hasn’t worked very closely with IT in the past.
It’s not enough to simply acknowledge that OT is going through a major evolution right now. You must pay attention to the ways it’s impacting your security and ultimately your bottom line.
Traditional OT security concerns
Traditionally, OT and IT teams worked separately. They each focused on securing their own environments.
But as systems get smarter, there’s a greater need for a single, coordinated security approach. It's crucial to develop a hybrid approach that meets the requirements of both IT and OT.
This also means rethinking traditional OT security tools. Interactive control systems that use a virtualized or containerized platform make legacy techniques like data diodes and DMZs (demilitarized zones) moot.
Also, many existing IT technologies like antivirus or endpoint detection and response (EDR) don’t work with modern OT because they sit deep in the kernel. This slows down OT's huge volume of interactions and can put the availability that OT environments require at risk. For today’s OT, organizations need a combination of non-intrusive host protection and network-based protection.
And it’s not something that needs to be put off. Criminal gangs and nation-state actors are using OT as a path to political and financial gains. In fact, last month, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that threat actors, including pro-Russian hacktivists, were actively exploiting internet-accessible OT and industrial control systems (ICS) devices.
It’s time to break down IT/OT siloes
What do I think is the answer? IT and OT should stop thinking that they’re two separate entities. They must see themselves as one team. This allows them to share knowledge and combine their cybersecurity efforts across the entire network.
IT and OT need one security strategy and one security plan. Anything else will lead to inconsistencies in visibility, operational overlap, and major security gaps.
Zero Trust is the key to merging IT and OT
This is where Zero Trust comes into play. It’s a great starting point to help you build a new approach to IT/OT security.
A Zero Trust strategy speaks to everyone, from executive leadership to practitioners and application owners across IT, OT, and the entire organization. It’s designed to be simple enough to execute at the highest scale.
By assuming that nothing — inside or outside the organization — is automatically trusted, Zero Trust helps you limit access to your most critical systems. This means attackers can’t spread through your network or your supply chain.
For example, a factory might have 20,000 sensors. Why leave all of them open when only a few need to communicate with each other? This is the kind of IT/OT security gap that attackers know about and use to their advantage. With Zero Trust, you can easily get visibility into these connections, allow necessary communication, and block everything else.
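The "allow necessary communication, block everything else" step from the sensor example, shown as an added example that is not from the article or from any Illumio product. Host names, role labels, ports (502 for Modbus/TCP, 4840 for OPC UA) and the flow records are constructed assumptions.

```python
from collections import Counter
from typing import NamedTuple

class Flow(NamedTuple):
    src: str
    dst: str
    port: int

# Constructed inventory: host -> role label (hypothetical names).
LABELS = {
    "sensor-001": "sensor", "sensor-002": "sensor",
    "plc-01": "plc", "historian-01": "historian",
    "it-laptop-7": "it-workstation",
}

# Allowlist of (source role, destination role, destination port).
# Ports are assumptions for illustration: 502 = Modbus/TCP, 4840 = OPC UA.
POLICY = {("sensor", "plc", 502), ("plc", "historian", 4840)}

# Constructed flow observations, as a visibility tool might report them.
FLOWS = [
    Flow("sensor-001", "plc-01", 502),
    Flow("sensor-002", "plc-01", 502),
    Flow("plc-01", "historian-01", 4840),
    Flow("sensor-001", "sensor-002", 502),  # sensor-to-sensor: lateral path
    Flow("it-laptop-7", "plc-01", 502),     # IT host talking straight to a PLC
    Flow("unknown-host", "plc-01", 502),    # unlabelled source
]

def decide(flow, labels=LABELS, policy=POLICY):
    """Return (verdict, reason) for one flow; anything not allowlisted is denied."""
    src_role, dst_role = labels.get(flow.src), labels.get(flow.dst)
    if src_role is None or dst_role is None:
        return "deny", "unlabelled endpoint"
    if (src_role, dst_role, flow.port) in policy:
        return "allow", f"{src_role}->{dst_role}:{flow.port}"
    return "deny", f"no rule for {src_role}->{dst_role}:{flow.port}"

def review(flows, labels=LABELS, policy=POLICY):
    """Split observed flows into allowed and denied, and count denials by reason."""
    allowed, denied = [], []
    for f in flows:
        verdict, reason = decide(f, labels, policy)
        (allowed if verdict == "allow" else denied).append((f, reason))
    return allowed, denied, Counter(r for _, r in denied)

if __name__ == "__main__":
    allowed, denied, reasons = review(FLOWS)
    print(len(allowed), "allowed;", len(denied), "denied:", dict(reasons))
```

Running the review against observed traffic before enforcing shows which flows the policy would block, so IT and OT can agree on the allowlist without interrupting production.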
When your IT and OT teams are aligned and working towards a joint strategy, you’re prepared to reduce risk, build operational resilience, and protect your business.
Head to The Zero Trust Hub: hub.illumio.com
B2B Marketing Senior Leader, Partner Marketing, Product Marketing, Channel Development
5 days ago: great topic!
Great dad | Inspired Risk Management and Security Professional | Cybersecurity | Leveraging Data Science & Analytics My posts and comments are my personal views and perspectives but not those of my employer
3 weeks ago: Sharing the recent survey by Claroty highlighting the business impact of ransomware in OT and IoT environments https://www.dhirubhai.net/posts/mortiz-tech_the-global-state-of-cps-security-2024-business-activity-7256880936057802752-i54v?utm_source=share&utm_medium=member_ios
Great dad | Inspired Risk Management and Security Professional | Cybersecurity | Leveraging Data Science & Analytics My posts and comments are my personal views and perspectives but not those of my employer
3 weeks ago: Illumio thanks for sharing your perspective on a critical topic. IMO, there is still some resistance and myths that IT and OT must be segregated which only helps threat actors to continue impacting business operations and achieving financial gains due to the security gaps and lack of effective synergies. The fear that adding security tools to OT operations will negatively impact business operations is the common deterrent and security teams do not have an effective way of communicating and overcoming it. ZTA ideas will encounter the same resistance and experts must show the benefits with real success stories.