4,848 miles separate Nuremberg, Germany and Orlando, Florida. But surprisingly, their cybersecurity concerns are much closer than their physical distance.

I traveled to both cities in the past month to attend it-sa Expo & Congress, October 10-12 and the 2022 FMEA Energy Connections Conference & Trade Show, November 3-4. (For those not familiar, it-sa is a major trade show for IT security in Europe and FMEA Energy Connections Conference is the Florida Municipal Energy Association’s event for electric utility management and operations professionals to come together to learn and share best practices.)

This blog is a brief summary of my observations from both events.

There are many cybersecurity solutions to evaluate.

Network architects, cybersecurity engineers, and ICS/OT security specialists managing IT and OT networks are working overtime to navigate the cybersecurity solutions available in the marketplace. Bad actors never rest trying to exploit vulnerabilities in commercial IT networks and critical infrastructure OT networks. We are fortunate there are companies like Nozomi Networks, SynSaber, Fortinet, and SCADAfence offering state-of-the-art cybersecurity solutions to combat threats to the network. Attendees at both events expressed interest in seeing demos and even testing these solutions in their production networks with Proof of Values (POVs). Garland Technology has first-hand experience helping companies prove out the value of these new cybersecurity solutions. We recommend deploying a network TAP to connect the tool,  ensuring that it sees all copies of the network traffic so a thorough assessment can be completed.

Investment is happening but budgets are limited.

Critical infrastructure is getting tons of attention as governments are working to shore up defenses of electric grids, water treatment facilities, and food manufacturing from cyber threats and attacks. IT and OT network professionals are also working to understand new regulations from NIST, NERC, and ERNCIP. All protections require funding but no one’s budget is unlimited.

I talked a lot about using TAPs and Aggregators as a way to stretch budget dollars. Installing network TAPs at various segments of the network and aggregating the traffic with an Advanced Aggregator can help optimize the quantity of security appliances needed to deploy in your environment, and maximize the use of your budget.

Enforcing unidirectional traffic is a desired method of protecting a network.

As the convergence of IT and OT networks expands across sectors, the resulting cybersecurity vulnerabilities need to be remedied as well. Unidirectional or one-way data flow in data diodes are designed to secure OT networks from external threats, eliminating inbound data flow and ultimately outside threats to OT network segments. To help me demonstrate, I brought a handful of portable Data Diode network TAPs to explain how a Data Diode TAP can be an added cybersecurity device for network engineers. Data Diodes TAPs are hardware devices that enforce one-way data flow from a network segment to a monitoring destination, with physical hardware separation, guaranteeing protection of critical systems from inbound cyber threats. And best of all, they’re an affordable option.

Partnerships are the formula for success.

Special thanks to our Germany distributor Aqaio for inviting Garland Technology to exhibit in their booth at it-sa and to our customer in Florida who invited us to exhibit at the FMEA Energy Connections Conference. My team and I enjoy traveling to different trade events and meeting folks face-to-face to discuss active challenges and opportunities.

Please reach out if I or my team can help your next IT or OT network project.