With the proliferation of insecure IoT devices on the factory floor and the erosion of the air gap separating industrial control systems (ICS) and operational technology (OT) from IT networks, cybersecurity concerns have escalated in the industrial world, too.
Navigating the unique security challenges of Industry 4.0 requires more than investments in technology. In this era of increasingly converged IT and OT environments, cybersecurity awareness is critical — now more than ever.
This article looks at a couple of cybersecurity lessons from Armis’s IT/OT Convergence Playbook to help industrial organizations revamp their control systems and increase resilience.
OT-IT integration brings a demand for centralized approaches to security in industrial environments. Traditional IT solutions are based on agents installed on the endpoint. However, ICS and OT systems and devices are unmanaged and cannot accommodate security agents.
In addition, those devices are often not built with security in mind and cannot be easily patched. The result is an asset management visibility gap that keeps growing: IDC predicts that there will be 55.7 billion connected devices worldwide by 2025.
That’s why organizations need agentless security solutions — such as Armis Device Security Platform — because they can protect all devices in the Industrial Internet of Things (IIoT) era. Equally important is to get all stakeholders engaged and committed to cybersecurity resilience initiatives.
Leadership sponsorship for cybersecurity investments is needed to secure financial resources and to promote measures and best practices among other stakeholders.
When communicating cybersecurity concerns, however, it’s crucial to avoid tech jargon that can alienate the leadership team and the workforce. Instead, try to emphasize the business impact of those initiatives. Securing ICS and OT assets is fundamental to prevent damage to systems, lower risk and ensure availability and reliability of operations.
Gartner predicts that, by 2025, cyber attackers will have weaponized OT environments to harm or kill humans, and most CEOs will be personally liable for such incidents. These challenges are bringing new organizational trends, too.
“By 2025, 40% of boards of directors will have a dedicated cybersecurity committee overseen by a qualified board member.”
Better employee training and awareness can help to prevent cyberattacks. According to the 2021 SANS Survey, initial attack vectors involved in OT/ICS incidents included spear phishing attachment (26.5%) and engineering workstation compromise (18.4%).
In many cases, the worker is not ill-intentioned but lacks the understanding that simply accessing a social media website from work could lead to breaches and industrial disruption. That’s why organizations need to educate their employees on cybersecurity best practices and online risks – from using stronger passwords to not opening suspicious email attachments.
Costly cyberattacks could have been avoided if companies had followed basic security measures. That has been the case with three high-profile breaches that stirred up newspaper headlines in 2021. After investigating the Pipeline, JBS and CNA hacks, the Committee on Oversight and Reform’s Investigation into Ransomware concluded that small failures in security systems led to major ransomware incidents.
According to the Committee’s report, “Even large organizations with seemingly robust security systems fell victim to simple initial attacks, highlighting the need to increase security education and take other security measures prior to an attack.”
Examples of basic cyber hygiene include the use of strong passwords and multifactor authentication. Another way to improve an organization’s security posture is to follow well-known cybersecurity frameworks, such as NIST CSF, Zero Trust, CIS Controls and MITRE ATT&CK for ICS. Ensuring that all systems are updated and patched also goes a long way.
Consider the example of URGENT/11 — a group of 11 zero-day vulnerabilities first discovered in July 2019. By December 2020, 97% of the OT devices impacted by URGENT/11 had not been patched, according to Armis research. These findings are concerning because these vulnerabilities reside in VxWorks, an operating system used by over 2 billion devices, including critical industrial, enterprise and medical devices.
Organizations such as the SANS Institute offer programs, certifications and events to help train employees on cybersecurity issues. The Cybersecurity and Infrastructure Security Agency (CISA) also provides guidance and resources to help businesses educate their employees and reinforce their cybersecurity posture.
Armis has your back, too. Visit our Resource Center to find webinars, white papers, solution and research briefs, blog posts and more content to help improve your organization’s cyber resilience.
At Armis, we believe that comprehensive asset visibility across IT, OT and IIoT is the first step toward building secure industrial environments. Our agentless platform discovers all devices in your network — even those that cannot accommodate agents — and then provides real-time asset inventory management. Our solution analyzes and classifies every device to produce a risk assessment. Within seconds of deployment, you will have several types of incident responses for assets in your environment.
The Armis Agentless Device Security Platform continuously monitors all network traffic to detect threats and abnormal device or user behavior. We do it passively because scans are dangerous in the OT and ICS world: they can cause devices to crash, raising safety concerns or leading to unplanned downtime.
The Armis Platform can understand the context of each device. Our Device Knowledgebase can compare the behavior of devices in real-time with multiple crowd-sourced baselines to detect abnormal activity.
Empowered by the Armis Platform, you can take action to protect your OT environment. Alerts can be triggered by a misconfiguration, policy violation or abnormal device behavior. And with integrations into security enforcement points (for example, firewalls and NAC systems), the Armis Platform can provide proactive network segmentation and automated incident response to protect your data.
Our platform has been named a leader in OT security, as per the latest ISG report. Book a demo, and we’ll show you why. We’ll walk you through our platform and all it can do to secure all your assets in the Industry 4.0 era.