
Op-Ed: Implementing global best practices for securing operational technology infrastructure

In an increasingly digitised world, it’s crucial to minimise cyber risk and improve operational efficiencies to proactively stay ahead of potential threats.

Michael Murphy
Thu, 17 Aug 2023

With critical industries relying on operational technology (OT) systems to control and monitor essential processes, ensuring the security and resilience of these systems is paramount.

Driven by the requirement for competitive advantage, OT networks continue to converge with enterprise IT networks. As a result, the air gap that once offered protection to legacy OT systems begins to diminish and departments that have traditionally been siloed are no longer as secure as they historically were. Furthermore, the rapid adoption of the internet of things (IoT) across both domains increases an organisation’s attack surface and, without complete coverage, it is not a matter of “if” but “when” an opportunistic attack will occur.

Fortunately, there are three global best practices for securing OT infrastructure that businesses can, and should, implement to minimise cyber risk:


1. Understand the threat landscape

It’s critical for organisations to get a clear understanding of their cyber threat landscape. One key aspect of this is intelligence sharing, which involves actively participating in threat management initiatives. By exchanging information and insights with relevant stakeholders, businesses can enhance their understanding of potential threats and stay one step ahead.

Additionally, leveraging threat feeds offers valuable preventative intelligence by providing real-time updates on emerging threats, letting organisations proactively fortify their defences. Understanding the threat landscape also means adopting an “assume breached” mindset, where businesses acknowledge the possibility of breaches and focus on continuous monitoring, detection, and response capabilities.

2. Adopt a zero-trust mindset

The goal of a zero-trust mindset shift is to treat all devices as potential threats, which is crucial for enforcing robust security policies through network controls. One key aspect of zero trust is segmentation, which involves creating small zones of control within the network. By dividing the network, organisations can minimise the impact of potential breaches and limit unauthorised access.

Another important element is the use of application signatures to control access to applications, data, and resources. This ensures that only authorised entities can interact with specific applications and sensitive information. Granting access privileges based on the principle of least privilege is essential. By providing users with only the necessary access based on their roles or needs, businesses can reduce the attack surface and enforce proper segmentation and access control rules.

3. Deploy a defence-in-depth strategy

Defence-in-depth (DID) is an approach that involves deploying layered defence mechanisms to minimise the risk of cyber threats and provide holistic protection of an organisation’s assets. Rather than relying on a single solution to stop all threats, DID implements multiple layers to stop threats that manage to bypass the initial line of defence, including endpoints.

Additionally, deceptive techniques – such as honeypots, honeynets, and masking – can alert businesses and lure out attackers already in the system, providing valuable threat intelligence while averting another service disruption. Regular assessment of an organisation’s security posture, both internally and externally, is also critical to evaluate potential vulnerabilities and address them effectively.

As the world continues to undergo rapid digital transformation and work environments adapt to new technologies, businesses are faced with an unprecedented level of cyber security risks, with every point of connectivity creating a new potential area for an attack and breach. By implementing global best practices, organisations can enhance the security and resilience of their OT systems, effectively minimising cyber risks and ensuring operational continuity in the face of digitalisation, adapting work environments, and an ever-evolving threat landscape.

Michael Murphy is the acting operational technology leader, APAC, at Fortinet.
