Visibility Solutions

Garland Technology is committed to educating the benefits of having a strong foundation of network visibility and access. By providing this insight we protect the security of data across your network and beyond.

Resources

Garland Technology's resource library offers free use of white papers, eBooks, use cases, infographics, data sheets, video demos and more.

Blog

The TAP into Technology blog provides the latest news and insights on network access and visibility, including: network security, network monitoring and appliance connectivity and guest blogs from Industry experts and technology partners

Partners

Our extensive technology partnership ecosystem solves critical problems when it comes to network security, monitoring, application analysis, forensics and packet inspection.

Company

Garland Technology is dedicated to high standards in quality and reliability, while delivering the greatest economical solutions for enterprise, service providers, and government agencies worldwide.

Contact

Whether you are ready to make a network TAP your foundation of visibility or just have questions, please contact us. Ask us about the Garland Difference!

2 Fundamental Challenges Facing Critical Infrastructure in 2021

With recent headline grabbing hacks and breaches, the possibility of disruptions in the energy and power, water distribution, manufacturing, and pharmaceutical infrastructure that society relies on everyday, is a reality.

The SolarWinds Orion compromise may have been headline grabbing to the wider public, but the teams in the trenches have long been aware of the vulnerabilities and have been working feverishly to shore up the defenses.

The US government, through the Cybersecurity and Infrastructure Security Agency (CISA) has implemented a 5 year strategy “Securing Industrial Control Systems: A Unified Initiative FY 2019–2023” to address these challenges. And the Network and Information Security Directive (NISD) was recently passed in the EU, requiring critical infrastructure organizations to implement stronger cybersecurity and breach reporting for ICS, SCADA and OT networks.

The fact remains Critical Infrastructure around the world has many challenges to overcome in 2021 and beyond, but two of the fundamentals we must tackle in today’s digital transformation are updating a vast legacy infrastructure and bolstering a thin ICS Security workforce.

Legacy Infrastructure During Digital Transformation

By now you know the convergence of operational technology (OT) and IT environments is an issue facing everyone in the field.

Most OT environments use Industrial Control Systems (ICS), which encompasses SCADA and Distributed Control Systems (DCS), which were all developed decades ago. And because of the nature of critical infrastructure, they do what they are supposed to do — manage, command, and direct process control for large continuous industrial tasks for power distribution, oil and gas processing to automotive production lines.

These systems and processes were built for the long term, not to fail. Which makes logical sense why many of these legacy systems underpin their operation on 10 to 30 year old aging hardware and software, often utilize older OS systems like Windows 95, and with generally low-bandwidth traffic rely on aging infrastructure 10M/100M switches. As a by-product of long legacy life-cycles, it proves difficult to keep ICS secured against the ever-evolving and sophisticated threat landscape.

But with the advancement of modern commuting, Industry 4.0 and new requirements for corporate connectivity and remote access, ICS has been adopting IT solutions for ease of integration and reduced development costs. 

What does this mean? The interconnection of IT Networks, responsible for corporate digital infrastructure and communications, to the process based control systems on the industrial floor with the proliferation of mobile and remote internet of things (IoT) devices have left OT environments nakedly vulnerable.

This infrastructure is susceptible to the same cybersecurity risks as IT systems, only with the potential for more damaging consequences.

“There’s vulnerabilities across all aspects of ICS in every sector. The question is what is the most worthwhile target for adversaries? We’ve certainly seen Russia go after energy sectors, specifically electric facilities. We’ve been told about China’s interest in pipelines,” Richard Driggers, deputy assistant director of cybersecurity at CISA, recently told Federal News Network.

>> Download now: Learn why SPAN Ports should not be used in industrial security solutions [Whitepaper]

Building an ICS Security Workforce

With growing demand and workforce shortages across all IT cybersecurity, it is understandable that more OT security experts are needed to help critical infrastructure owners and operators better secure and configure their operational technology environments.

What is the solution? Well, short of all you budding SecOps talent out there joining ICS security teams, it is going to take a Herculean industry-wide strategy.

It is clear the US Federal Government has realized this challenge will take a collective effort to address, as CISA’s focus that “no single entity can successfully manage the scope and complexity of the entire ICS risk landscape.” In this vein, the CISA’s ICS vision is to empower the ICS community to defend itself by developing and implementing joint ICS security capabilities and assets around a unified strategy.

Leaning on the ICS community to deliver more, the CISA wants to reinvigorate and deepen partnerships with the broader ICS community, while developing and promoting easily accessible, deployable, and inexpensive ICS tools and capabilities to help asset owners secure ICS against all adversaries.

All with the goal of encouraging ICS security people to become an active member of the community, with forums like the Industrial Control Systems Joint Working Group (ICSJWG) and The Critical Infrastructure Cyber Community (C3) Voluntary Program. Using these forums and resources, the CISA wants to improve visibility into the risk landscape so teams can use that knowledge to inform investments into proactive initiatives that move the ICS community ahead of the threat curve.

Foundation of Visibility for OT Environments

Garland wants to address both of these fundamental challenges.

With the convergence of OT and IT environments now intertwined, leading to an ever-expanding attack surface exposed to malicious actors, hacktivists, criminals and nation state actors, there is no turning back. 

Digital transformation is upon us and the solution is clear. Following ICS Security best practices in Monitoring Operations, Hunt and Incident Response, Risk Assessment, Threat Analysis, Vulnerability Management, are all critical for the battle ahead.

But laying the proper network connectivity architecture to incorporate these ICS security solutions rely on one fundamental foundation concept — visibility. 

That is why Garland is committed to providing OT best practices for network connectivity and visibility. When incorporating legacy equipment upgrades or designing new deployments, proving proper visibility best practices enables:

  • Providing ICS Security solution the 100% packet visibility needed to secure the environment
  • Speed of deployment and reducing complexity through network access, aggregation and optimization
  • Mitigating risk of downtime with failover, bypass, data diode and air-gapped solutions
  • Enabling critical data collection and reports to maintain compliance with industry regulations.


Garland’s TAP to Tool philosophy is based on partnerships. That is why we team with the top ICS security solutions in the industry with the goal to properly monitor and secure OT environments.

Looking to add OT visibility and reduce network complexity, but not sure where to start?  Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.

Full Duplex Capture in Industrial Network Security Garland Technology

Written by Chris Bihary

Chris Bihary has been in the network performance industry for over 20 years. Bihary has established collaborative partnerships with technology companies to complement product performance through the integration of network test access points. Previously, Bihary was Managing Partner at Network Critical.

Authors

Topics

Sign Up for Blog Updates