Cyber attacks are spreading beyond offices and data centers to industrial networks. Headlines like the attack on a Florida water treatment plant and Colonial Pipeline have captured the attention of executives and company boards concerned about uptime and safety. This risk applies across critical infrastructure operators and small industrial sites alike. Organizations of all sizes are now putting together tiger teams to implement the right IoT/OT cybersecurity measures.
Ready, set… now what?
Say you’re tasked to strengthen industrial cybersecurity. Where will you start? Guidance is hard to find. Operational technology (OT) team members typically don’t have deep expertise in cybersecurity, and information technology (IT) security experts usually aren’t familiar with the special requirements for industrial networks. For example, taking down an infected email server for an hour is an annoyance, while taking down an industrial controller in a manufacturing plant or a power substation can have dire consequences.
Clear guidance on best practices, tailored for your business
We’ve built an online tool to point you in the right direction for IoT/OT security. By answering eight simple questions, you can see how your company compares to your peers’ cyber security infrastructure and get custom recommendations for next steps. Recommendations include links to actual solutions for putting the practices in action. They’ll help you implement the NIST cybersecurity framework—identify, protect, detect, respond, and recover—in an industrial environment:
- Building a detailed inventory of the industrial devices you are defending
- Isolating the IT and OT domains, and also isolating the individual production cells (e.g., welding and painting)
- Building security policies for micro-segmentation and to protect individual assets by enforcing zones of trust in the industrial network
- Detecting anomalous behavior that could be a sign someone modified the configuration of an industrial controller
- Correlating information to investigate events across IT and OT domains
- Building playbooks to respond to attacks—and then testing your plans
- Much more
Securing industrial operations can be a daunting task. Planning is much easier with proper guidance, tailored for your situation. Build your OT/IoT security profile now.
Subscribe to the Cisco IoT Security Newsletter
to get the latest industry news on IoT Security delivered straight to your inbox.
Excellent points and resources, thanks!