
Five controls for OT cybersecurity

Dec. 2, 2022
Cybersecurity week 2022—day 5: Dragos details five control policies/procedures for successful cybersecurity

Operations technology (OT) cybersecurity is finally getting more of the attention it deserves, but Dragos Inc. reports that executive buy-in and five control policies/procedures are needed for a successful cybersecurity program. To gain executive understanding and support, cybersecurity advocates should present executives with real-world examples of cyber-attack impacts and how much they cost; research prior incidents, including U.S. Securities and Exchange Commission (SEC) filings by firms that were impacted; and explain the difference between information technology (IT) and operations technology (OT), stressing that executives must support OT cybersecurity as well as IT.

The five controls for cybersecurity are:

  • Create a dedicated industrial control system (ICS)-specific incident response plan that addresses OT device types, communication protocols, procedures, tools and languages. Include points of contact, such as employees with cybersecurity skills in each facility, and add thought-out steps for specific cyber-scenarios at each location. Consider performing tabletop exercises to test and improve response plans.
  • Establish a defensible architecture by hardening the environment—remove extraneous OT network access points, maintain strong policy control at IT/OT interface points, and mitigate high-risk vulnerabilities. Invest in training people in skills for adapting to new vulnerabilities and cyber-threats.
  • Maintain visibility and monitoring with an inventory of assets. Map vulnerabilities against assets and mitigation plans, actively monitor network traffic for cyber-threats, and respond as needed. Visibility of assets validates implemented security, and threat detection enables scaling as networks grow.
  • Implement multi-factor authentication (MFA) across OT systems for an extra, low-cost layer of cybersecurity. If MFA isn’t possible, consider using a jumphost with focused monitoring to manage devices in a separate security zone. Focus on connections in and out of a network, rather than links within the network.
  • Perform key vulnerability management by maintaining timely awareness of vulnerabilities that apply to the environment with correct, updated information and risk ratings. Also, maintain alternative mitigation strategies to minimize exposure, while continuing to operate.   
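
The jumphost and boundary-monitoring advice above can be checked against flow records. The following is an added example, not part of the original article or any Dragos tooling: it ignores links inside the OT network, logs sessions that cross the boundary through a registered jumphost, and flags every other crossing. The address ranges, jumphost address and flow records are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption, not from the article).
OT_ZONE = ipaddress.ip_network("10.20.0.0/16")      # control network
JUMPHOSTS = {ipaddress.ip_address("10.99.0.5")}     # registered jumphost in its own zone

# Constructed flow records: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("10.20.1.10", "10.20.1.20", 502),     # device to device inside OT
    ("10.99.0.5", "10.20.1.10", 22),       # jumphost into OT: the expected path
    ("192.168.5.44", "10.20.1.10", 3389),  # IT workstation straight into OT
    ("10.20.3.7", "203.0.113.9", 443),     # OT device reaching outward
    ("192.168.5.44", "10.99.0.5", 22),     # IT to jumphost: does not touch OT
    ("10.99.0.9", "10.20.1.10", 22),       # neighbour of the jumphost, not registered
]

def classify(src, dst):
    """Label a flow by how it relates to the OT boundary."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    s_ot, d_ot = s in OT_ZONE, d in OT_ZONE
    if s_ot and d_ot:
        return "internal"          # link within the network: out of scope here
    if not s_ot and not d_ot:
        return "outside"           # never touches OT
    peer = d if s_ot else s        # the endpoint on the non-OT side
    return "via-jumphost" if peer in JUMPHOSTS else "direct-crossing"

def review(flows):
    """Return (alerts, jump_sessions) for boundary-crossing flows."""
    alerts, jump_sessions = [], []
    for src, dst, port in flows:
        verdict = classify(src, dst)
        if verdict == "direct-crossing":
            alerts.append((src, dst, port))
        elif verdict == "via-jumphost":
            jump_sessions.append((src, dst, port))
    return alerts, jump_sessions

if __name__ == "__main__":
    alerts, jump_sessions = review(SAMPLE_FLOWS)
    for flow in jump_sessions:
        print("LOG   jumphost session:", flow)
    for flow in alerts:
        print("ALERT crossing bypasses jumphost:", flow)
```
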
About the Author

Jim Montague | Executive Editor

Jim Montague is executive editor of Control. 
