Cybersecurity adversaries increasingly are attacking operations technology, including building control systems, transportation networks and utilities. The technology often depends on fragmented and legacy security measures, and despite the growing risks, agencies can be reluctant to commit resources that would bring OT security up to current standards.
To protect these targets, OT and IT must be on the same page. But the gap between spheres of expertise often leads to incomplete or ineffective approaches and sometimes to interdepartmental conflict. IT must understand operations’ practical vulnerabilities while bringing its next-level cyber solutions to OT, and OT must recognize the necessity of — and opportunities for — improved security. That doesn’t require new hardware or infrastructure. The most important step is conducting a comprehensive inventory to identify the assets you have.
“I go back to that asset inventory because … everything is going to come from that,” said Randy Benn, Solution Engineer for Federal at Claroty. “You can’t secure what you can’t see. If you don’t know what you have, you have absolutely no idea what the risk surface looks like in your environment.”
In this video interview, Benn, along with Isaac Johnson, State and Local Principal at Claroty, and Zane Blomgren, Solution Engineer for SLED, discuss strategies for protecting critical OT infrastructure. Topics include:
- Closing the knowledge gap between IT and OT teams
- The importance of a comprehensive asset inventory
- Strategies for building a secure OT environment
Leave a Reply
You must be logged in to post a comment.