OT Security 101: 3 Key Features of a Strong Cybersecurity Program

Christina Hoefer | February 6, 2020
Critical infrastructure organizations reliant on operational technology (OT) for their core business are increasingly concerned that they’re under constant attack. According to figures in the Ransomware Marketplace report from incident response company Coveware, the average ransomware incident now lasts 16.2 days, up from 12.1 days in the third quarter of 2019. That amounts to a huge financial loss if it affects the availability of an OT system, as we saw when LockerGoga hit Norsk Hydro last year. The discovery of critical device vulnerabilities is also rapidly increasing, including zero days like TRITON/TRISIS in Triconex safety controllers and the URGENT/11 RTOS vulnerabilities.
It’s now more critical than ever to implement a strong OT security program to not only reduce downtime risk from threats like ransomware, but also ensure that your team can quickly respond and recover in case of an incident. Here are 3 key features to incorporate when planning your OT cybersecurity program:
As companies mature their security, they then advance to areas like vulnerability management, access control, threat detection and incident response. Whichever framework you choose, adhering to one can help provide specific guidance on what is often a difficult task to execute successfully: securing critical OT systems.
How you collect this information is likely a question of what resources are available to you. A smaller company may have to rely on more manual methods if they don’t have the budget to purchase tools or hire a security consultant, but a larger company may choose to invest in a security platform that can collect asset data automatically or hire an OT security consultant to help complete this critical first step. However you choose to implement it, once you’ve mastered asset management, you can then begin to execute more advanced network protection methods like identity and access management, network segmentation and intrusion detection.
The OT cybersecurity market has evolved to a point where there’s a tool for just about every security technique you would ever want to implement: network access control, network monitoring, network segmentation, security orchestration, etc. If you’re evaluating solutions for any of these areas, it’s important to consider not only whether they’re designed specifically for sensitive OT networks, but also that the maintenance and integration of multiple vendors’ products can hinder security efforts. Look for a platform that can deliver multiple security controls for OT networks to help streamline cybersecurity efforts and break down silos, rather than create them.
For more of the latest trends, challenges and best practices in OT security, download Gartner’s Market Guide for Operational Technology Security.