How to Implement Zero Trust in an ICS Environment

Cybercriminals are increasingly targeting highly valuable, often extremely vulnerable Industrial Control Systems (ICS) with sophisticated attack vectors. The threat of attacks against ICS networks makes it paramount to understand the risks and how to effectively protect these systems.

A key approach to protecting ICS is Zero Trust, which is critical as organizations look to embrace trends like the cloud, digital transformation and mobile or remote working, which further increase their attack surface.

What is Zero Trust?

Zero Trust is a security model first coined by Forrester. It ensures organizations verify all people and devices that attempt to join their network before they grant access. A Zero Trust approach moves organizations away from the traditional approach of trusting users within its network perimeters by verifying all access attempts.

What Makes ICS Vulnerable?

The ICS environment refers to the systems and devices involved in managing and enabling the control and operations of critical infrastructure services. This includes electricity and gas supplies, nuclear power plants, oil refineries and traffic systems, which are unique in that their functions are crucial to everyday life and human safety. This makes them high-profile targets for cybercriminals and, in particular, nation-state attackers.

One of the most high-profile examples of this was a coordinated cyber-attack on the Kyivoblenergo power distribution company in Ukraine in 2015. Up to 250,000 customers lost power as a result of a phishing attack that granted hackers access to computers on the company’s network then escalated their privileges.

Additional components of ICS include:

Operational Technology

ICS and Operational Technology (OT) are responsible for the direct control and monitoring of industrial assets, equipment, events and processes. For example, an unexpected alteration in the programmable logic controllers (PLCs) could cause a manufacturing plant to halt operations or take an air traffic control tower offline.

Internet of Things and Industrial IoT

The Internet of Things (IoT) refers to the billions of devices that are connected to the Internet. IoT devices are especially prevalent in the industrial IoT (IIoT), which connects and enables greater levels of insight from critical assets and devices.

These insights enable organizations to make faster and smarter business decisions that have transformed the daily operations of industrial firms. For example, having additional data available through the product design cycle has accelerated product development, real-time data enables additional production capacity for power plants and industrial artificial intelligence (AI) can be used to detect issues in refineries.

IIoT devices are frequently coupled with OT devices and communicate directly with IT systems, which runs the risk of potential vulnerabilities. Organizations must ensure they have insight into every IIoT device on their network and their potential risk without having to re-engineer their systems.

Why Zero Trust in ICS?

It’s vital for organizations to secure their critical ICS systems. They need to prevent or patch vulnerabilities as quickly as possible and continually safeguard systems against sophisticated threats.

The Zero Trust model is crucial to preventing unauthorized access to systems and containing data breaches. It’s also vital to reducing the risk of lateral movement if attackers do manage to breach networks or systems. Zero Trust concepts, like authentication, authorization and monitoring also play a key role in securing networks, critical infrastructure, hardware and machines.

Many ICS networks also rely on legacy systems or hardware that don’t comply with modern security controls and often lack access management systems. A Zero Trust approach enables businesses to protect and provide secure access to their legacy systems.

How to Implement Zero Trust in ICS

Zero Trust should augment not replace existing systems and requires a five-step implementation process:

Define the network: Organizations’ attack surface is constantly evolving, which makes protecting the entire surface an impossible task. Implementing Zero Trust begins with defining the attack surface to be protected, such as critical applications, assets, data and services.

Map traffic: The flow of traffic across the network then needs to be mapped and documented to gain insight around how resources interact. This provides context around the controls required to protect applications and data.

Architect the network: The Zero Trust architecture can be mapped to the needs of a business, starting with a next-generation firewall (NGFW). The NGFW provides a segmentation gateway or microperimeter around the business’ protected surface, which enables them to add further layers of access control and inspection.

Create a policy: With the network architected, a Zero Trust policy enables the business to whitelist devices and people. This allows them to define who should have access to which resources, where resources are accessed from and further granular enforcement to only enable legitimate traffic.

Monitor and maintain: The final step ensures the Zero Trust architecture is logged and monitored to provide valuable insight into network activity and allowing them to follow their required processes to approve updates for on-premises devices.

Protect Your Network With a Zero Trust Approach

A Zero Trust approach moves away from the concept of trusting all devices that connect to a network to securing every individual connection as and when a user or device attempts to gain access. The model makes it vastly more difficult for an attacker to gain unauthorized access.

For example, it forces a user to verify their identity before they are granted access to a network. Therefore, even if a hacker obtains a user’s login credentials they would be unable to access a system or network without verifying themselves through two-factor or multi-factor authentication.

Discover how Armis’s Zero Trust approach can help your organization bridge its security gaps and protect all your people and devices by downloading our whitepaper.

Review IT OT Convergence Playbook Chapters:

1. Chapter 1 – On OT Convergence
2. Chapter 2 – OT Air Gap Dissolved
3. Chapter 3 – Critical Infrastructure Protection
4. Chapter 4 – Secure and Monitor Industrial Environments
5. Chapter 5 – Comprehensive Network Visibility
6. Chapter 6 – Passive Network Monitoring
7. Chapter 7 – Best Practices to Protect Industrial Assets
8. Chapter 8 – ICS Security Risk Assessment
9. Chapter 9 – OT Cybersecurity Frameworks
10. Chapter 10 – Implementing Zero Trust Framework for ICS 👈 you are here
11. Chapter 11 – Armis CIS Controls protection 👉 read next chapter
12. Chapter 12 – Mitre Att&ck for ICS
13. Chapter 13 – 2021 Ransomware Attacks
14. Chapter 14 – IT/OTIntegration Best Practices