needs to be strictly managed and
monitored for devices, users, applications
and protocols.
• Secure Wireless Access: Industrial IoT
(IIoT) devices communicate using a wide
variety of communications protocols.
Securing Wi-Fi connections only solves
part of the problem. There are now
thousands of vendors building IoT devices
using a wide variety of connectivity
and communications technologies in
addition to Wi-Fi, including Bluetooth,
NFC, Zigbee and RFID. And this doesn’t
include IoT devices hardwired into the
network behind the firewall. Security
resources need to be committed to
identifying, segmenting and securing
these connections.
• Vulnerability and Patch Management:
With availability as a primary concern
for OT networks and devices, patch
management has historically not only
been overlooked but actively avoided.
Operators may specifically decide not
to patch systems that are operational
and cannot afford to be taken offline
for an update. But as these devices
are connected to the IT network and
Internet, this approach can no longer
remain the status quo. Cybercriminals
target known vulnerabilities, so
tracking devices and vulnerabilities and
implementing an aggressive patch and
replace programme is essential. For
systems that cannot tolerate any
downtime, it is critical to deploy redundant,
active-active devices, alternate data
routes, or strict segmentation and active
signature and behavioural-based security
to protect unpatchable devices.
• Behavioural Analytics and Tracking:
Advanced threats require more than
passive security systems, especially
when protecting critical infrastructure.
Fortunately, the behaviour of most OT
systems can be pretty easily defined,
which means that unusual or aberrant
behaviour should be likewise relatively
easy to detect and block with a UEBA
(user and entity behaviour analytics)
system in place.
• Ruggedised Devices: Traditional
OT devices are often required to
operate in industrial environments,
exposed to extremes in temperature,
weather, vibration and impact. As
IT and IoT devices are introduced
to this environment, it is critical that
organisations select those devices that
have been tested and rated to function in
extreme settings. The same is true for the
security technologies used to protect OT
devices and networks.
• Deep Packet Inspection: Malware is
increasingly successful at hiding and
obfuscating attacks inside applications
and data. Given the sensitive nature of
industrial control systems (ICS) and the
potential for devastating results should
they be compromised, it is essential that
organisations implement a combination
of signature- and protocol/behavioural-based
inspection of traffic travelling
to, from, and between OT systems to
prevent the abuse of particular industrial
protocols. Such an approach is also
better suited to OT environments as
it can provide critical protections without
requiring frequent updates.
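An added example, not part of the original article: a minimal sketch of the protocol- and behaviour-based inspection described in the Behavioural Analytics and Deep Packet Inspection points above. It assumes Modbus/TCP as the industrial protocol (the article names none); the addresses, frames and function names are constructed for illustration.

```python
import struct

def parse_modbus_tcp(frame: bytes):
    """Validate the 7-byte MBAP header and return (unit_id, function_code)."""
    if len(frame) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    _tid, proto_id, length, unit_id = struct.unpack(">HHHB", frame[:7])
    if proto_id != 0:
        raise ValueError("protocol id is not 0")
    if length != len(frame) - 6:  # length counts unit id + PDU
        raise ValueError("length field does not match frame size")
    return unit_id, frame[7]

def learn_baseline(flows):
    """Record every (src, dst, unit, function) seen in a known-good window."""
    return {(src, dst, *parse_modbus_tcp(frame)) for src, dst, frame in flows}

def inspect(baseline, src, dst, frame):
    """Return (verdict, reason): block malformed frames, alert on unseen behaviour."""
    try:
        unit, func = parse_modbus_tcp(frame)
    except ValueError as exc:
        return "block", f"malformed Modbus/TCP frame: {exc}"
    if (src, dst, unit, func) not in baseline:
        return "alert", f"not in baseline: {src} -> {dst} unit {unit} function {func}"
    return "allow", "matches baseline"

def build_frame(tid, unit, pdu):
    """Helper for the constructed samples below."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

# Constructed sample traffic (assumed addresses: HMI 10.0.0.5, PLC 10.0.0.20).
READ_REGS = b"\x03\x00\x00\x00\x0a"               # function 3: read holding registers
WRITE_REGS = b"\x10\x00\x01\x00\x01\x02\x00\xff"  # function 16: write multiple registers
BASELINE = learn_baseline([
    ("10.0.0.5", "10.0.0.20", build_frame(1, 1, READ_REGS)),
    ("10.0.0.5", "10.0.0.20", build_frame(2, 1, READ_REGS)),
])

if __name__ == "__main__":
    samples = [
        ("10.0.0.5", "10.0.0.20", build_frame(3, 1, READ_REGS)),    # normal poll
        ("10.0.0.5", "10.0.0.20", build_frame(4, 1, WRITE_REGS)),   # new function code
        ("10.0.0.99", "10.0.0.20", build_frame(5, 1, READ_REGS)),   # new talker
        ("10.0.0.5", "10.0.0.20", build_frame(6, 1, READ_REGS) + b"\x00"),  # bad length
    ]
    for src, dst, frame in samples:
        print(inspect(BASELINE, src, dst, frame))
```

Because the baseline is learned from the site's own traffic, the check keeps working without signature updates, which is the property the Deep Packet Inspection point highlights.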
The transition to hyperconnected networks,
such as smart cities and connected utility
services, is driving the convergence of
IT, OT and IoT networks. To successfully
defend these integrated networks,
organisations need an architecture that
scales across the entire infrastructure
to provide unified visibility and control,
distributed segmentation and integrated
protection. Protecting and defending
today’s critical infrastructures requires a
single, unified approach that integrates
security solutions into an interactive
security fabric capable of adapting to and
spanning distributed IT environments,
while simultaneously providing the
advanced capabilities needed to defend
their critical OT infrastructure.
INTELLIGENTCIO