Magazine

FM College ~ News & Articles

OT Visibility Critical for Cybersecurity

May 19, 2024 | Public | 0 comments

 

OT Visibility Critical for Cybersecurity

Do you know exactly which OT assets you’re running and which vulnerabilities exist in those assets?

 

Understanding the operational technology (OT) environment—including which assets are connected to the OT network, what unexpected traffic looks like, which vulnerabilities to prioritize, and which potential threat behaviors might be lurking within—is fundamental to strong industrial cybersecurity. Without comprehensive OT visibility, it’s almost impossible to measure and mitigate your unique risk landscape.

• Does your organization suffer from limited OT visibility? Consider the following questions:

• Do you know exactly which OT assets you’re running, including the specific software versions they’re operating?

• Do you know which vulnerabilities exist in those assets—and which ones introduce the most risk to the OT environment? Do you have a methodology to prioritize patching and do you know how to implement alternative mitigations?

• Would you know if you were compromised? How long could a compromise go on before you knew it? In a recent Ponemon Institute study (Traverse City, MI, ponemon.org), it took companies an average of 170 days to detect an incident.

The path to progress

OT visibility consists of these factors: asset visibility, threat visibility, and vulnerability management.

Organizations achieve OT asset visibility by discovering, inventorying, and classifying the systems that run operational processes in industrial facilities. OT asset visibility tracks configuration states of assets, versions used, and maps relationships between assets. Asset visibility is first established with an inventory of assets, which can then be used to prioritize which assets to monitor on a continuous basis for threat detection, vulnerability management, and change control.

Threat visibility leverages the combination of thorough, relevant OT threat intelligence and threat-detection mechanisms that identify active threats in an environment. OT threat intelligence is collected by expert ICS cybersecurity researchers who actively hunt for and observe industrial-specific adversaries on a range of industrial networks worldwide. They categorize the tactics, techniques, and procedures (TTPs) of the threat actors and provide advisories that include attack details and technical indicators of compromise (IOCs) tied to them.

Vulnerability management is the practice of identifying and remediating vulnerabilities or weaknesses in OT assets that put them at risk of a cyberattack. Software flaws can exist in operating systems, applications, industrial firmware, or protocols and are classified based on risk of exploitation.

Effective OT vulnerability management can help:

• Simplify compliance by effectively documenting vulnerabilities and their disposition (patched, remediated, or risk-accepted).

• Prioritize action around vulnerabilities based on importance of the asset, downtime risks, and evidence of in-the-wild exploits against them.

• Maximize remediation resources to get the most out of cybersecurity budgets.

• Provide a unifying view of vulnerabilities across assets for OT operators and cybersecurity stakeholders. EP

By Jennifer Halsey, Dragos

Jennifer Halsey is the Senior Manager of Industry Marketing for Dragos Inc., Hanover, MD (dragos.com). Prior to joining Dragos, Halsey was the Director of Communications & Brand Strategy at the International Society of Automation (ISA), Pittsburgh (isa.org). Dragos is one of the founding members of the ISA Global Cybersecurity Alliance.

The post "OT Visibility Critical for Cybersecurity" appeared first on Efficient Plant

0 Comments

Submit a Comment

Are Scents a True Indicator of Cleanliness?

Editor’s note: FM Perspectives are industry op-eds. The views expressed are the authors’ and do not necessarily reflect...

The Impact of Lighting on Aesthetics and Atmosphere in Healthcare

Lighting manufacturers discuss how lighting affects the look and feel of healthcare facilities. While not usually talked...

IFMA publishes accessible guide for leveraging AI

The International Facility Management Association (IFMA) released a publication for understanding and leveraging AI in the...

Hidden dangers

Conor Logan, Technical Director, Colt International on the hidden dangers of neglecting smoke control system maintenance In...

How to Improve Facility Operations with Visual Management Strategies

Visual management enables businesses to communicate important information about processes and procedures. Where...