Gå direkt till innehåll
The IoT / OT challenge

Blogginlägg -

The IoT / OT challenge

”No one wants hackers to turn off power supply, nor change product compilations or steal data.” – Wim De Smet, CTO @ SecureLink

The problem with IoT and OT devices is that they aren’t designed with security in mind. Many operational devices for example run for 30 years, whereas their software is often outdated after 10. IoT devices in their turn, often lack security by design. This means that the code that goes with them, isn’t secure most of the time. Translation: they are easily compromised.

Besides, IoT and OT devices carry very important data you don’t want to lose. Just think of patient data in healthcare, ID information or secret recipes. Data itself is a new economy. It has great value and power which you don’t want to share with malicious actors.

Industry: productivity or security?

Production is often given priority to security. But networks have changed. Whereas the operational technology used to be separated from the IT network, it is now often connected to it. This makes it easier to report measurements for example, but it might have a negative effect on your security.

As the corporate network and the OT network are merging, security needs to be strengthened. And yes, if you don’t add the required security controls, you might experience downtime and data leakage. Security stands for uptime, not downtime. We need to cut out the assumption that it is the other way around.

How to secure your OT network?

It is highly recommended to proactively monitor for vulnerabilities and to segment your network. You can put your devices in separate VLANs to reduce the attack surface.

If you want to give third parties access to these OT networks for support or measurements, we advise you to use a Virtual Desktop Infrastructure (VDI) solution that disconnects the third party from the OT network. If you want to have audit trails you could also log the activities on these VDI clients.

You need to create visibility too. This can be done through specialized industrial control system monitoring tools that will give you more insights into which assets e.g. PLCs, SCADA, DCS are active on your OT network and what they are doing.

Healthcare: what about 3d party IoT devices?

A lot of healthcare organizations rely on third-party healthcare IoT devices. These devices often send information to third-party platforms which means you give away part of your control/data.

How to secure your IoT network

Be very careful about which devices you grant access to your network, and, to each other. Not all of them should be able to communicate. That is why we recommend segmentation of your IoT network through a next-generation firewall. Next-generation firewalls can also determine command & control traffic and scan for other vulnerabilities.

The majority of IoT and OT devices collect statistics and send them to a central environment. Many of these central environments are hosted in the cloud and thus accessible by anyone from anywhere, this means that Multi-Factor Authentication is a must for these solutions.

Then, last but not least, we advise you to equally protect the central environment against DDoS attacks with an MQTT broker.

SecureLink can assist you in designing this central infrastructure in a scalable, redundant and secure way, whether it is hosted in the cloud or on-premise.

Prevent, Detect and Respond

So far, there have already been several security incidents with IoT/OT devices. Most of the time, this results in shutting down production. This might seem far removed from your business, but don’t forget that such incidents can happen to you too. It might not be tomorrow, but you’d better be prepared.

So, apart from prevention and detection capabilities, you also need to have a good response process in place. You want the impact of a breach to be as low as possible to guarantee continuity and your good brand name.

SecureLink helps you map your risk. Don’t hesitate to contact our experts.

Ämnen

Kategorier

Regioner

Kontakter

Relaterat innehåll

  • Top 5 tips: How to secure your Cloud environment?

    Top 5 tips: How to secure your Cloud environment?

    According to the RightScale State of the Cloud Report, 96% of organizations already opted for the Cloud. 77% of those cloud users still worry about its security. It is essential to keep in mind that the Cloud provider is only responsible for the security of the underlying platform. Your organization needs to take care of your data and access rights. Here are some tips:

  • Innovation or proven-value? What to choose?

    Innovation or proven-value? What to choose?

    Hackers are continually finding new technologies for sophisticated attacks. Companies need to make sure they catch up and are able to prevent, detect and respond. It is often difficult to decide whether to opt for innovation or not. But, every environment is different, so each company should test whether the new technology fits their business-purpose.

  • How to secure the growing number of mobile devices?

    How to secure the growing number of mobile devices?

    It is essential to classify your data. You need to know which data you have, where it resides and how it is processed and by whom. Users play a significant role as they are the ones that use your applications and data in their workspace. The new generation of employees wants to work anytime, anywhere and on any device. However, this mobility requires additional security.