An international airport is a large critical infrastructure organization that operates in a complex environment of OT-IT-IIoT assets. The airport’s digital security team had limited security governance, initial asset documentation, and a partial work process to identify and reduce security risks. They sought a solution that would provide:
- Comprehensive OT-IT-IIoT asset visibility to identify and inventory all of the airport’s digital assets and their configuration details
- Digital security risk governance to support the security team with a ‘big picture’ management view of the airport’s digital security and operational technology systems
- Risk prioritization based on business and operational impact
- Feasible risk mitigation steps in a facility that could not regularly schedule downtime for maintenance
- Automated, efficient, and effective security operations
- Streamlined workflow processes for SOC teams and asset owners
The Challenge
Prior to engaging with Armis, this customer maintained limited security governance across its OT, IT, and IIoT environments, lacking the comprehensive oversight needed to effectively monitor and manage its digital asset landscape. The airport’s OT security team had constrained capabilities for orchestrating and enforcing internal OT risk management workflows.
Asset visibility was rudimentary, with only baseline discovery of OT-IT-IIoT devices and minimal system automation to track asset configurations, firmware versions, and network connectivity. While there was partial awareness of security gaps within the OT network, the organization lacked a structured, actionable framework for prioritizing and addressing risks across its converged infrastructure.
Challenges
- Limited ability to monitor and manage digital assets across operational technology systems
- Insufficient processes for OT security risk management
- Lack of clear and prioritized guidance for addressing identified security gaps
Results
- Comprehensive asset inventory
- Expanded asset inventory along with interrelationships between devices and business impacts
- Improved Mean-Time-to-Detect (MTTD) and Mean-Time-to-Respond (MTTR) through prioritization of OT security risks