{"id":292,"date":"2021-10-20T13:22:58","date_gmt":"2021-10-20T13:22:58","guid":{"rendered":"https:\/\/companies.mybroadband.co.za\/solid8\/?p=292"},"modified":"2021-10-20T13:22:58","modified_gmt":"2021-10-20T13:22:58","slug":"three-ways-to-modernize-your-ot-security-programs","status":"publish","type":"post","link":"https:\/\/companies.mybroadband.co.za\/solid8\/2021\/10\/20\/three-ways-to-modernize-your-ot-security-programs\/","title":{"rendered":"Three ways to modernize your OT security programs"},"content":{"rendered":"

By Terry Oleas, Skybox Security Sept 28, 2021<\/em><\/p>\n

Research reveals OT vulnerabilities increased by 46%, necessitating a new approach to OT security.<\/p>\n

Exponential growth in OT vulnerabilities. Increased cyber-attacks on OT systems. Fruitless technology investments. Siloed technologies and teams.<\/p>\n

Research findings in Skybox\u2019s\u00a0Vulnerability and Threat Trends Mid-Year Report<\/a><\/strong>\u00a02021 unearths a dire need for organizations to modernize their OT security programs.\u00a0 An exponential growth in OT vulnerabilities has predictably led to an increase in cyber-attacks on OT systems. Additionally, Skybox Research Lab discovered the frequency and scope of malicious activity are increasing apace and companies with siloed technologies and disjointed teams are helpless to stop them. Exploits in the wild are on the upswing, as this report details, and 2021 has seen some of the most audacious and potentially devastating cyberattacks in history. The most disturbing thing is that many of today\u2019s emerging attacks are designed not to just hurt businesses financially but injure people too.<\/p>\n

One area that saw a particularly sharp increase in vulnerabilities in H1 2021 is operational technology (OT), with 519 CVEs (critical vulnerabilities and exposures) reported by CISA, compared to 356 CVEs in H1 2020. That\u2019s a leap of 46%. CISA advisories on OT vulnerabilities grew similarly, by 45%.<\/p>\n

OT is the control system and backbone of energy providers and other basic utilities, communication systems, building automation, physical security systems, vehicle controls, and more. They\u2019re a prized target for bad actors. Frighteningly enough, many OT attacks are not always financially motivated \u2014 sometimes it\u2019s the thrill of creating devastation and mayhem.<\/p>\n

For example, the recent Florida water plant hack was not ransomware \u2014 it was the desire to create chaos. Simply put, this was the evil work of a Joker disciple, who got jollies from seeing the world burn. The bad news is that OT breaches are not comic book fantasies and sadly security measures are often weak. And unfortunately, there\u2019s no superhero to save the day; in fact, there aren\u2019t even enough OT skilled resources.<\/p>\n

According to Gartner, organizations continue to face growing shortages of hands-on technicians with the skills to attend to OT devices.<\/p>\n

OT security teams are flying blind in the dark<\/strong><\/h3>\n

While OT vulnerabilities have become a favorite target of threat actors, those same flaws are often invisible to security teams. That\u2019s because many OT systems are hard or impossible to scan. At best, companies scan them infrequently (once or twice a year) because they can\u2019t afford to take these mission-critical systems offline or degrade service. Likewise, patching many OT systems is technically impossible, or too cumbersome and costly to address all vulnerabilities.<\/p>\n

As a result, reliance on traditional scan-and-patch methods is a non-starter when it comes to OT security. Security teams can\u2019t find most OT vulnerabilities by scanning alone, and even if they could, they couldn\u2019t remediate those flaws with patching. A new approach is needed, one that not only improves detection and eliminates the blind spots, but also facilitates targeted, effective remediation by identifying actual exposures and implementing effective security controls such as network segmentation and IPS systems to prevent unauthorized access.<\/p>\n

If the findings in this report make one thing clear, it\u2019s that traditional approaches to vulnerability management are falling further and further behind. Too many assets are difficult or impossible to scan. Vulnerabilities are too numerous, threats too varied, and infrastructure too complicated (fragmented, siloed, and heterogeneous) to secure using conventional, largely manual processes. Finding and patching all vulnerabilities is simply out of the question, and the criteria typically used to prioritize remediation efforts is often misleading.<\/p>\n

Throwing money at OT security doesn\u2019t work<\/strong><\/h3>\n

As a result, IT and security teams are caught in a vicious cycle, spending more money and resources on increasingly ineffective measures, while failing to keep pace with the rapidly evolving threat landscape.<\/p>\n

Managing OT security is a responsibility that should be shared among every role across the security organization. Unfortunately, the use of siloed firewalls and disparate security tools has made it impossible for any single person on the team to have the visibility and insights needed to secure these OT systems. Even worse, these disjointed security tools have also made it impossible for teams to collectively view insights that help prioritize patching critical vulnerabilities and even prevent breaches.<\/p>\n

Security teams are beginning to rethink their approach to OT security. Band-Aids don\u2019t work. A foundational overhaul is needed that supports visibility across IT networks and OT systems.<\/p>\n

Siloed systems challenge every security team member<\/strong><\/h3>\n

There\u2019s no way around it: teams need a platform that connects, aggregates and normalizes the data across these disparate tools to provide teams with holistic visibility to analyze where to focus remediation efforts. Without that visibility, everyone ends up flying blind in the dark, struggling to fulfill their responsibilities.<\/p>\n