Goldilock for Operational Technology and Critical Infrastructure Security.
What are OT and Critical Infrastructure?
Operational Technology (OT) is hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise, according to Gartner. OT is common in Industrial Control Systems (ICS) such as a SCADA system. In the world of critical infrastructure, OT may be used to control energy infrastructure, public utilities or even public transportation. As this technology advances and converges with networked tech, the need for OT security grows exponentially.
Current issues and threats
Historically, industrial systems relied upon proprietary protocols and software, were manually managed and monitored by humans, and had no connection to the outside world. For this reason, they were a fairly insignificant target for hackers, as there was no networked interface to attack and nothing to gain or destroy. The only way to infiltrate these systems was to obtain physical access to a terminal, and this was no easy task. OT and IT were barely integrated and did not deal with the same kinds of vulnerabilities.
Today, it’s a very different story, as more industrial systems are brought online to deliver big data and smart analytics and to adopt new capabilities and efficiencies through technological integrations. IT-OT convergence gives organizations a single view of industrial systems together with process management solutions that ensure accurate information is delivered to people, machines, switches, sensors and devices at the right time and in the best format. When IT and OT systems work in harmony, new efficiencies are discovered, systems can be remotely monitored and managed, and organizations can realize the same security benefits found on administrative IT systems.
This transition from closed to open systems has generated a slew of new security risks that need to be addressed.
Why is OT Security Important?
As industrial systems become more connected, they also become more exposed to vulnerabilities. The high cost of industrial equipment and the devastation to communities and economies that an attack could generate are key factors for organizations looking to protect their industrial networks. Add legacy equipment, safety regulations that may prohibit any modifications being made to equipment and compliance regulations that require sensitive data to be made available to third parties, and you have quite a challenge on your hands.
The good news is that it is possible to secure industrial networks without disrupting operations or risking non-compliance. By returning to the basics, either keeping those assets completely physically disconnected or having the ability to completely physically disconnect them remotely and instantaneously without using the internet, you can protect your processes, people and profit and exponentially reduce security vulnerabilities and incidents.
Securing Today’s Industrial Networks
More good news is that industrial environments usually have lower volumes of traffic than IT environments. Much of the traffic travels between determined endpoints and can therefore be selectively released, accessed or segregated more easily than traffic generated on an IT network. Using TruAirgap™ from Goldilock can significantly reduce, if not eliminate, the attack surface, all the while enabling complete control of the assets on a selective basis. TruAirgap™ can be used to prevent attacks, by keeping the assets completely off the internet, or to instantly mitigate an attack by creating a ‘kill-switch’ to instantly and remotely remove them from the internet entirely before an attack spreads.