With recent headline grabbing hacks and breaches, the possibility of disruptions in the energy and power, water distribution, manufacturing, and pharmaceutical infrastructure that society relies on everyday, is a reality.
The SolarWinds Orion compromise may have been headline grabbing to the wider public, but the teams in the trenches have long been aware of the vulnerabilities and have been working feverishly to shore up the defenses.
The US government, through the Cybersecurity and Infrastructure Security Agency (CISA) has implemented a 5 year strategy “Securing Industrial Control Systems: A Unified Initiative FY 2019–2023” to address these challenges. And the Network and Information Security Directive (NISD) was recently passed in the EU, requiring critical infrastructure organizations to implement stronger cybersecurity and breach reporting for ICS, SCADA and OT networks.
The fact remains Critical Infrastructure around the world has many challenges to overcome in 2021 and beyond, but two of the fundamentals we must tackle in today’s digital transformation are updating a vast legacy infrastructure and bolstering a thin ICS Security workforce.
Legacy Infrastructure During Digital Transformation
By now you know the convergence of operational technology (OT) and IT environments is an issue facing everyone in the field.
Most OT environments use Industrial Control Systems (ICS), which encompasses SCADA and Distributed Control Systems (DCS), which were all developed decades ago. And because of the nature of critical infrastructure, they do what they are supposed to do — manage, command, and direct process control for large continuous industrial tasks for power distribution, oil and gas processing to automotive production lines.
These systems and processes were built for the long term, not to fail. Which makes logical sense why many of these legacy systems underpin their operation on 10 to 30 year old aging hardware and software, often utilize older OS systems like Windows 95, and with generally low-bandwidth traffic rely on aging infrastructure 10M/100M switches. As a by-product of long legacy life-cycles, it proves difficult to keep ICS secured against the ever-evolving and sophisticated threat landscape.
But with the advancement of modern commuting, Industry 4.0 and new requirements for corporate connectivity and remote access, ICS has been adopting IT solutions for ease of integration and reduced development costs.
What does this mean? The interconnection of IT Networks, responsible for corporate digital infrastructure and communications, to the process based control systems on the industrial floor with the proliferation of mobile and remote internet of things (IoT) devices have left OT environments nakedly vulnerable.
This infrastructure is susceptible to the same cybersecurity risks as IT systems, only with the potential for more damaging consequences.
“There’s vulnerabilities across all aspects of ICS in every sector. The question is what is the most worthwhile target for adversaries? We’ve certainly seen Russia go after energy sectors, specifically electric facilities. We’ve been told about China’s interest in pipelines,” Richard Driggers, deputy assistant director of cybersecurity at CISA, recently told Federal News Network.
Download: ICS Visibility Guide [Whitepaper]
Building an ICS Security Workforce
With growing demand and workforce shortages across all IT cybersecurity, it is understandable that more OT security experts are needed to help critical infrastructure owners and operators better secure and configure their operational technology environments.
What is the solution? Well, short of all you budding SecOps talent out there joining ICS security teams, it is going to take a Herculean industry-wide strategy.
It is clear the US Federal Government has realized this challenge will take a collective effort to address, as CISA’s focus that “no single entity can successfully manage the scope and complexity of the entire ICS risk landscape.” In this vein, the CISA’s ICS vision is to empower the ICS community to defend itself by developing and implementing joint ICS security capabilities and assets around a unified strategy.
Leaning on the ICS community to deliver more, the CISA wants to reinvigorate and deepen partnerships with the broader ICS community, while developing and promoting easily accessible, deployable, and inexpensive ICS tools and capabilities to help asset owners secure ICS against all adversaries.
All with the goal of encouraging ICS security people to become an active member of the community, with forums like the Industrial Control Systems Joint Working Group (ICSJWG) and The Critical Infrastructure Cyber Community (C3) Voluntary Program. Using these forums and resources, the CISA wants to improve visibility into the risk landscape so teams can use that knowledge to inform investments into proactive initiatives that move the ICS community ahead of the threat curve.
Foundation of Visibility for OT Environments
Garland wants to address both of these fundamental challenges.
With the convergence of OT and IT environments now intertwined, leading to an ever-expanding attack surface exposed to malicious actors, hacktivists, criminals and nation state actors, there is no turning back.
Digital transformation is upon us and the solution is clear. Following ICS Security best practices in Monitoring Operations, Hunt and Incident Response, Risk Assessment, Threat Analysis, Vulnerability Management, are all critical for the battle ahead.
But laying the proper network connectivity architecture to incorporate these ICS security solutions rely on one fundamental foundation concept — visibility.
That is why Garland is committed to providing OT best practices for network connectivity and visibility. When incorporating legacy equipment upgrades or designing new deployments, proving proper visibility best practices enables:
- Providing ICS Security solution the 100% packet visibility needed to secure the environment
- Speed of deployment and reducing complexity through network access, aggregation and optimization
- Mitigating risk of downtime with failover, bypass, data diode and air-gapped solutions
- Enabling critical data collection and reports to maintain compliance with industry regulations.
Garland’s TAP to Tool philosophy is based on partnerships. That is why we team with the top ICS security solutions in the industry with the goal to properly monitor and secure OT environments.
Looking to add OT visibility and reduce network complexity, but not sure where to start? Join us for a brief network Design-IT consultation or demo. No obligation - it’s what we love to do.
