Last month, I joined Martin Kuppinger and Alexei Balaganski in a
webinar titled “Industrial Control System Security: Getting a Grip on OT Cyber
Security.”
To start the webinar, Kuppinger, founder and principal
analyst for KuppingerCole, discussed the challenges of securing
technology in the modern business. “The computing troika” presented by
Kuppinger illustrates the challenge that Internet connectivity presents. Cloud
computing, mobile computing and social computing are all driving increased
network connectivity. The “Internet of Things” means every “thing” has a CPU
and a network connection, and every employee carries with them many “things”
and uses these and many more connected “things” all day long.
Balaganski, senior analyst for KuppingerCole, illustrated
the differences between IT and OT in terms of their scope, devices and focus.
IT security is about confidentiality, authenticity and business continuity. OT
security, on the other hand, is focused primarily on defending personnel safety
systems and equipment protection systems, and secondarily on defending the
correct and reliable operation of the industrial process. This, naturally,
means the consequences of failure for IT and OT security systems are far
different.
Waterfall then discussed IT/OT integration solutions. The
fundamental problem with greater connectivity is that all software can be
compromised, any such compromise can propagate via network messages, and
firewalls forward messages. Firewalls are routers with filters –
they look at each message and either forward it or not. Why does it make any
sense to forward messages from IT networks, which are constantly exposed to
attack from electronic mail and the Internet, to industrial networks, which
control costly and dangerous physical processes? Every such message could be an
attack.
Unidirectional Security Gateways allow information from
industrial networks to travel to corporate networks, where business users and
applications can query that data and profit from it, without ever allowing a
message or any information at all back into the control system network.
Hardware-enforced security solutions allow organizations to access real-time
data as necessary, without the possibility of any attack reaching from the Internet
or the corporate network through the system to threaten operations.
Listen to the webinar here. When you
do, let us know what you think.