OT Network Security Success Starts With Visibility

In industrial sectors – energy, utilities, manufacturing, communications, transportation and defense – operational technology (OT) systems control both industrial and critical infrastructure.

As OT networks increasingly converge with Internet-connected Information Technology (IT), the overlap leads to an increasing potential for attacks by cybercriminals. Previously isolated OT systems are now exposed to the full spectrum of cyber threats.

“Because traditional security strategies were not designed for the unique and sensitive needs of OT, network operations analysts should seek protection that provides visibility, control and situational awareness in these environments,” explains Fortinet.

1. Defend an expanding OT network attack surface

In the past, the best way to protect OT networks was to isolate them from IT networks, a practice known as an air gap.

However, with 75% of organizations reporting at least some form of basic connection between IT and OT, convergence negates the protection of the air gap, and 97% of organizations acknowledge security challenges because of this convergence.

2. Find a new solution for OT security

“In light of OT and IT convergence, an advanced and effective OT security posture requires specialized considerations,” says Fortinet, which adds that “attempts to manage risk by simply deploying standard firewalls, sandboxes and intrusion prevention systems in OT environments present unacceptable, disruptive and uncertain results.”

Instead of taking a holistic approach to network security solutions, organizations need to design security into even the most basic levels of OT environments in order to address the big picture.

3. Visibility over the entire attack surface

“You can’t protect what you can’t see,” says Fortinet, which reports that “82% of organizations are unable to identify all of the devices connected to their network.”

In today’s digital environment, having continuous visibility of every device (wired and wireless) is important to ensure reliable OT operations.

“Since these technologies connect to an [external] computer network for additional capabilities, they provide a potential backdoor for threats aimed at attacking vulnerable OT systems. An integrated security architecture can support transparent and centralized visibility of the entire OT environment,” explains Fortinet.

4. Control access, security updates, and more.

Control in OT requires establishing a baseline of normal traffic and predefined approved functions.

“Fortunately, device behaviors in an OT environment tend to be static and within a predictable range, so abnormal behaviors are more likely to be immediately apparent and identified than in traditional IT environments,” says Fortinet.

Also essential to control in OT is the ability to force traffic from primitive devices through a next-generation firewall solution. “Organizations need to be able to enforce access policies based on who and what is connected to the network,” adds Fortinet.
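The baselining idea in this section can be sketched as follows. This is an added example, not code from Fortinet or its report: the device names, the record layout and the function names are assumptions, and Modbus/TCP (port 502) is used only as a sample OT protocol.

```python
from collections import defaultdict

# Constructed sample flows: (source, destination, dst_port, Modbus function code).
# Function codes: 3 = read holding registers, 6 = write single, 16 = write multiple.
LEARNING = [
    ("hmi-1", "plc-1", 502, 3),
    ("hmi-1", "plc-1", 502, 3),
    ("hmi-1", "plc-2", 502, 3),
    ("eng-ws", "plc-1", 502, 16),
]
LIVE = [
    ("hmi-1", "plc-1", 502, 3),      # matches the baseline
    ("hmi-1", "plc-1", 502, 16),     # known pair, but the HMI never wrote before
    ("eng-ws", "plc-2", 502, 16),    # known devices, conversation never seen
    ("laptop-7", "plc-1", 502, 6),   # device missing from the inventory
]

def build_baseline(records):
    """Learn the device inventory and the approved (port, function) set per talker pair."""
    devices, approved = set(), defaultdict(set)
    for src, dst, port, func in records:
        devices.update((src, dst))
        approved[(src, dst)].add((port, func))
    return devices, dict(approved)

def check(record, baseline):
    """Return the deviations of one flow from the baseline (empty list means normal)."""
    devices, approved = baseline
    src, dst, port, func = record
    unknown = [f"unknown device {h}" for h in (src, dst) if h not in devices]
    if unknown:
        return unknown
    allowed = approved.get((src, dst))
    if allowed is None:
        return [f"new conversation {src} -> {dst}"]
    if (port, func) not in allowed:
        return [f"unapproved function {func} on port {port} for {src} -> {dst}"]
    return []

def triage(records, baseline):
    """Keep only the flows that deviate, paired with the reasons."""
    alerts = []
    for record in records:
        findings = check(record, baseline)
        if findings:
            alerts.append((record, findings))
    return alerts

if __name__ == "__main__":
    for record, findings in triage(LIVE, build_baseline(LEARNING)):
        print(record, findings)
```

Because the learned set is small and static, each alert names the device and the exact deviation, which is the context an analyst needs to locate it quickly.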

5. Situational awareness

An hour’s operational downtime can cost businesses over $100,000 (according to 98% of manufacturers in a PwC study).

With this in mind, “when an individual device in an OT environment is attacked, organizations need instant alerts and contextual threat information in order to quickly understand what specific actions to take,” says Fortinet.

However, this is easier said than done. Network operations analysts can receive thousands of security alerts per day, and it can take hours of investigation to manually find the location of a suspicious device and all other relevant information about the event to determine if this is a real attack.

6. More transparency for industrial and critical infrastructure networks

Walking the fine line between protecting against the growing potential for attacks and avoiding disruption to sensitive systems is a major challenge for OT networks.

“While the convergence of OT and IT offers great benefits, it also introduces new risks that may be unfamiliar to network operations analysts and security teams. Organizations need to be able to ensure that they know everyone and everything connected to their infrastructure at all times,” concludes Fortinet.

To read the full report “OT Network Security Starts with Visibility: Greater Transparency for Industrial and Critical Infrastructure Networks”, click here.
To sign up for Fortinet’s “When, not if: Respond when your OT network suffers a ransomware attack” on June 24, click here.