Last month, I joined Martin Kuppinger and Alexei Balaganski in a webinar titled “Industrial Control System Security: Getting a Grip on OT Cyber Security.”
To start the webinar, Kuppinger, founder and principal analyst for KuppingerCole, discussed the challenges of securing technology in the modern business. “The computing troika” presented by Kuppinger demonstrates the challenge Internet connectivity presents. Cloud computing, mobile computing and social computing are all driving increased network connectivity. The “Internet of Things” means every “thing” has a CPU and a network connection, and every employee carries many “things” with them and uses these and many more connected “things” all day long.
Balaganski, senior analyst for KuppingerCole, illustrated the differences between IT and OT in terms of their scope, devices and focus. IT security is about confidentiality, authenticity and business continuity. OT security, on the other hand, is focused primarily on defending personnel safety systems and equipment protection systems, and secondarily on defending the correct and reliable operation of the industrial process. This, naturally, means the consequences of failure for IT and OT security systems are far different.
Waterfall then discussed IT/OT integration solutions. The fundamental problem with greater connectivity is that all software can be compromised, such compromise can propagate via network messages and, fundamentally, firewalls forward messages. Firewalls are routers with filters – they look at each message and either forward it, or not. Why does it make any sense to forward messages from IT networks, which are constantly exposed to attack from electronic mail and the Internet, to industrial networks, which control costly and dangerous physical processes? Every such message could be an attack.
Unidirectional Security Gateways allow information from industrial networks to travel to corporate networks, where business users and applications can query that data and profit from it, without ever allowing a message or any information at all back into the control system network. Hardware-enforced security solutions allow organizations to access real-time data as necessary, without the possibility of any attack reaching from the Internet or the corporate network through the system to threaten operations.
Listen to the webinar here. When you do, let us know what you think.