Waterfall, Kuppinger Cole Highlight OT Challenges, Solutions in Webinar

Last month, I joined Martin Kuppinger and Alexei Balaganski in a webinar titled “Industrial Control System Security: Getting a Grip on OT Cyber Security.”

To start the webinar, Kuppinger, founder and principal analyst for KuppingerCole, discussed the challenges presented to securing technology in the modern business. “The computing troika” presented by Kuppinger demonstrates the challenge Internet connectivity presents. Cloud computing, mobile computing and social computing are all driving increased network connectivity. The “Internet of Things” means every “thing” has a CPU and a network connection, and every employee carries with them many “things” and uses these and many more connected “things” all day long.

Balaganski, senior analyst for KuppingerCole, illustrated the differences between IT and OT in terms of their scope, devices and focus. IT security is about confidentiality, authenticity and business continuity. OT security, on the other hand, is focused primarily on defending personnel safety systems and equipment protection systems, and secondarily on defending the correct and reliable operation of the industrial process. This, naturally, means the consequences of failure for IT and OT security systems are far different.

Waterfall then discussed IT/OT integration solutions. The fundamental problem with greater connectivity is that all software can be compromised, such compromise can propagate via network messages and, fundamentally, firewalls forward messages. Firewall are routers with filters – they look at each message and either forward it, or not. Why does it make any sense to forward messages from IT networks, which are constantly exposed to attack from electronic mail and the Internet, to industrial networks, which control costly and dangerous physical processes? Every such message could be an attack.

Unidirectional Security Gateways allow information from industrial networks to travel to corporate networks, where business users and applications can query that data and profit from it, without ever allowing a message or any information at all back into the control system network. Hardware-enforced security solutions allow organizations to access real-time data as necessary, without the possibility of any attack reaching from the Internet or the corporate network through the system to threaten operations.

Listen to the webinar here. When you do, let us know what you think.

March 5th - Joint webinar with KuppingerCole: Unique challenges of protecting OT networks and non-critical infrastructures

We are pleased to offer a webinar that Waterfall is presenting together with leading industry analysts KuppingerCole. The webinar takes place this Thursday 5^th March and will focus on the common problems and unique challenges of protecting operational technology (OT) networks in critical and non-critical infrastructures.

In the first part of the webinar, Marin Kuppinger, founder and principal analyst, and Alexei Balaganski, senior analyst at KuppingerCole, will examine the field of industrial network security and explore security challenges that the industry faces. They will also discuss how trends in IT are shaping industrial security solutions and highlight the possibility of convergence between traditional and industrial network security.

The second part of the webinar will feature insights into industrial security challenges not addressed by traditional IT security products. The difference between IT systems and control systems is control. The consequences of bad control are unacceptable. We can’t “back up” a boiler, or a transformer. Control systems are targets every day. Best practices are evolving.

Tune in to learn:

1. What makes industrial control systems (ICS) so difficult to secure;

2. How IT cyber security is similar to and different from OT cyber security; and

3. Why hardware-enforced protection is essential.

The webinar, “Common Problems and Unique Challenges of Protecting OT networks in Critical and Non-Critical Infrastructures,” takes place on March 5^th at 4:00 p.m. CET, 10:00 a.m. EST, 7:00 a.m. PST.

Register here for the Challenges of protecting OT networks in Critical and Non-Critical Infrastructures and continue to check out Waterfall Security Solutions on Facebook for company updates.