About the Author
Aruba Corporate Marketing blogs help you keep up with the latest network trends and news. Blogs are written by current and past Arubans employees. If you have any questions about these blogs, feel free...
Full bio包括工业控制系统(IC)和监督控制和数据采集(SCADA)的操作技术(OT),用于直接监控和控制能源,电信,水和浪费的关键基础设施。这些复杂的系统对于运行工业系统的发电机,泵,阀门,执行器和其他设备至关重要。
Growing OT Security Challenges
Historically, industrial systems used proprietary, non-IT protocols and were isolated from the Internet. Stringent physical controls were usually in place to deter any potential cyberattacks. However, this once-isolated world has evolved dramatically.
Industrial systems are now being connected to enterprise networks and the cloud to leverage big data, predictive maintenance and smart analytics. Companies are adopting new capabilities and efficiencies through technological integrations to gain a competitive advantage.
The IT-OT convergence brings new security risks, such as lack of proper asset inventory, no visibility into OT behaviors, and a lack of security controls. Access control lists (ACLs) are unmanageable (if they even exist) and standard enterprise security tools, such as firewalls and network access control, do not have any visibility or understanding of the OT network.
Understanding the IT-OT Risk
According to theCyberX Global ICS & IIoT Risk Report 2020 report,我们看到了惊人的数字公关的漏洞oduction ICS systems that threaten business survivability.
Cyber X研究基于六大大陆和所有部门(能源和公用事业,石油和天然气,药品,化学品,制造和采矿)的850多个生产ICS网络。Read the full study.
Industrial control systems are usually high cost and demand 100% uptime. It would be a diaster to communities and even a country’s economy if critical infrastructure services were attacked.
The challenge is amplified with regulatory, safety and compliance requirements to safeguard such systems, such as Singapore’s IMDA IoT Cyber Security Guide, which strengthens the protection of critical infrastructure against cyberattacks, or Japan’s efforts to strengthen cybersecurity measures in advance of the 2020 Tokyo Olympic Games.
Start with a Security Framework
Organizations wanting to strengthen OT security can start by incorporating guidelines from the NIST special publication 800-82 Guide to Industrial Control Systems (ICS) Security into their security frameworks.
Maturity of OT/ICS security in an organization.
Leverage Security Automation to Ensure Continued Operations
Aruba, together with OT security vendors such as CyberX, provide solutions at each step of the maturity model from complete visibility into network control traffic and comprehensive monitoring and technical controls to applying the right security policies.
With our joint solution, security automation can be put in place to quarantine and block devices based on detected zero-day threats. The solution can remediate machines with outdated or noncompliant software and deploy remediation policies for controllers running firmware with known vulnerabilities.
It is critical to have an OT strategy in line with a security framework in place to protect both the enterprise and ICS environment, ultimately reducing security vulnerabilities and incidents to maintain business continuity.
Get more information on the joint Aruba and CyberX solution.
