As an operational technology (OT) expert, you need to be ready for anything – from equipment failure to security breaches and everything in between. But what does readiness look like in your OT world?
Readiness can translate to an array of unique perspectives when it comes to OT and industrial control systems (ICSs): ready to operate, ready to defend and even ready to recover. All these have cyber-resilience in common: the ability to not only prevent but also to detect and respond to activities that would otherwise keep operations from functioning safely and stably. When it comes to OT, how well can you detect early, mitigate quickly and thoroughly recover from an attack on your network and endpoints? Each aspect is important; each has its own unique challenges; and all of them are necessary to maintain operational resiliency in your OT and ICS environments.
Prevention only isn’t a winning strategy
If you’re like many organizations, your network security strategy falls well short of being proactive and delivering persistent situational awareness and a well-timed response. According to trends observed in recent Fortinet surveys, 60–70% of organizations spend all their time and money on prevention, leaving only 30–40% of organizations ready for what happens after a breach occurs.i
True readiness shouldn’t be an ‘all prevention, little response’ situation, especially when it comes to OT and ICS systems. An ‘all prevention strategy’ is simply hoping that a breach doesn’t happen. Unfortunately, reality shows that evolving threats make that approach unrealistic.
Real readiness in OT means that if you experience a breach, you have a validated plan in place to respond, remediate and keep things operational, even while you fix things behind the scenes.
A multi-year approach to readiness
Many industry segments such as wastewater, chemical manufacturing and oil and gas are suddenly required to demonstrate their readiness strategies to governments and other regulatory bodies – especially considering recent malware and ransomware attacks. In the US, the Cybersecurity and Infrastructure Security Agency (CISA) just announced a new advisory for water and wastewater systems based on increased known and unknown threat actors.ii Other critical infrastructure industry sectors are expected to follow suit.
OT readiness demands more than a ‘one and done’ solution. It’s a journey that requires expert prioritization of effort based on a detailed assessment of risks. In IT, equipment rarely remains operational longer than five years. But in OT, legacy machines that have been in place for 20–25 years are common. As a result, there are obsolete, diverse endpoints with no patches or upgrades available.iii
Your OT readiness must accommodate that legacy uniqueness and, when it can, include modernization plans for legacy systems to bolster resilience. You need an agile, adaptable plan as the threat landscape continues to morph and grow more aggressive towards OT. The plan must address both prevention and readiness to respond. This often entails a multi-year approach to operational technology readiness that can be pretty daunting.
Due to the convergence of networks, your once air-gapped OT systems may now be visible, exposed and vulnerable. You need a plan of action now. Of course, the best way to protect your ICS environment from compromise is to discover and remediate vulnerabilities before an attack can occur and cause harm to the system and data – something security experts from NTT and Fortinet are readily poised to make possible.
Together, NTT and Fortinet can help you take a holistic view of your OT prevention and readiness. NTT possesses deep and broad experience across OT environments and knows those challenges intimately. The power of such a partnership can help create a timely and relevant plan to address the most imminent threats today and craft a roadmap for the more substantial changes you need for enduring protection. Fortinet’s Security Fabric can help you address the expanding attack surface.
The marriage of IT and OT has created unique opportunities for your organization to transform your business operations. Like all marriages, well-timed and contextually clear communication is key. Bringing all players to the table to discuss your long-term OT readiness is the best way to get started as you create your multi-year approach. NTT can help you coordinate this collaboration. Reach out today to get started.
ii Cybersecurity and Infrastructure Security Agency, Ongoing Cyber Threats to U.S. Water and Wastewater Systems Sector Facilities, October 2021
iii Security Boulevard. Protecting OT Networks from Cyber Attacks, October 2021