Fortinet: OT Network Security Success Starts with Visibility

By BizClik Admin
Discover six core visibility challenges to overcome for OT network security success, as outlined by Fortinet

For those in the industrial sectors - energy, utilities, manufacturing, communications, transportation and defence - operational technology (OT) systems control both industrial and critical infrastructure.

As OT networks increasingly converge with internet-connected information technology (IT), the overlap results in an expanding potential for cybercriminals to attack. Previously isolated OT systems are now exposed to the full spectrum of IT-based threats. 

“Because traditional security strategies were not designed for the unique and sensitive needs of OT, network operations analysts must seek out protection that provides visibility, control, and situational awareness across these environments,” says Fortinet.

1. Defending an Expanding OT Network Attack Surface

In the past, the best way to protect OT networks was to isolate them from IT networks, known as air gapping. 

However, 75% of organisations report at least some form of basic connection between IT and OT. This convergence voids the security of air gapping, and 97% of organisations acknowledge security challenges because of it.

2. Finding a New Solution for OT Security

“In light of OT and IT convergence, an evolved and effective OT security posture requires some specialised considerations,” says Fortinet, which adds that “attempts to address risk by simply deploying off-the-shelf firewalls, sandboxes, and intrusion prevention systems into OT environments present unacceptable, disruptive, and uncertain outcomes.”

Instead of taking a bolt-on approach to network security solutions, organisations need to design security into even the most basic levels of OT environments in order to address the bigger picture.

3. Visibility Across the Attack Surface

“You cannot protect what you cannot see,” says Fortinet, which reports that “82% of organisations are not able to identify all the devices connected to their network.”

In today’s digitally driven environment, continuous visibility of every device (wired and wireless) is needed to ensure reliable OT operations.

“Since these technologies connect to an [external] IT network for additional capabilities, they offer a potential backdoor for threats to attack vulnerable OT systems. An integrated security architecture can support transparent, centralised visibility of the entire OT environment,” says Fortinet.

4. Control Access, Security Updates, and More

Control in OT requires baselining normal traffic and predefined approved functions.

“Fortunately, device behaviours within an OT environment tend to be static and within a predictable range, so anomalous behaviours are more likely to be immediately apparent and identified than in traditional IT environments,” explains Fortinet. 

Also critical to control in OT is the ability to force traffic from primitive devices through a next-generation firewall solution. “Organisations must be able to apply and enforce access policies based on who and what is connected to the network,” adds Fortinet.

5. Situational Awareness

A single hour of operational downtime can cost organisations more than US$100,000, according to 98% of manufacturers in a PwC study.

With this in mind, “when an individual device in an OT environment is attacked, organisations need instantaneous alerts and contextual threat information in order to quickly understand what precise actions to take,” says Fortinet. 

However, this is easier said than done. Network operations analysts can receive thousands of security alerts a day, and it can take hours of investigation to manually track down the location of a suspicious device, and all other relevant information surrounding the event, to determine whether this is an actual attack.

6. Greater Transparency for Industrial and Critical Infrastructure Networks

Walking the fine line between protecting an expanding attack surface and not disrupting sensitive systems is a core challenge for OT networks.

“While the convergence of OT and IT offers great benefits, it also introduces new risks that may be unfamiliar to network operations analysts and security teams. Organisations must be able to ensure they know everyone and everything connected to their infrastructure at all times,” concludes Fortinet.

To read the full ‘OT Network Security Starts with Visibility: Greater Transparency for Industrial and Critical Infrastructure Networks’ report, click here.

To register for Fortinet’s ‘When, Not If: Responding when your OT network suffers a ransomware attack’ on June 24, click here.
