Building a roadmap for OT cyber security with Rockwell

Dataquest today organized a webinar titled: Building a roadmap for OT cyber security, with Rockwell Automation.

The speakers were Sabyasachi Goswami, Connected Services Commercial Leader, Asia Pacific, Rockwell Automation and Moon Eluvangal, OT Cybersecurity Consultant, Asia Pacific, Rockwell Automation.

Sabyasachi Goswami

Goswami said that digitalization / smart manufacturing is the opportunity! Smart manufacturing and the IoT can foster tremendous business outcomes. Digitally-transformed companies are better positioned to handle business in the pandemic. Convergence is a necessity today. There are things that are operational in nature, in real time. You have to deploy ERP, MRP, materials and transport, sensors and actuators, etc., across the enterprise.

There is a debate between IT and OT. The priority is the pervasiveness of data and the confidentiality of such data. Architectures are ubiquitous in nature, and consist of the multi-tiered systems to encourage wide accessibility. End points are said to be homogeneous in nature.

Industrial targets

In the last two years, there has been damages worth $11.7 billion due to ransomware attacks. Also, 53% of industrial manufacturers have experienced a cyber security breach in their facility. Industrial companies are targets due to the legacy un-patched infrastructure and a lack of skilled resources to properly manage cyber risk. Companies are struggling to handle this. There are ICS-focused campaigns, attacks, etc. There are also things like hactivism, crime, insider threats, espionage, terrorism and warfare.

The ICS threat vectors can be on the IT network and the OT network. More than 40% are possibly from the insider threats. There are reasons, such as flat networks and weak authentication, no encryption, insecure ICS, etc. ICS can be insecure by design. There are things getting increasingly connected, and an active threat landscape.

Holistic approach

Rockwell has taken a holistic approach. A secure application depends on the multiple layers of protection. Industrial security must be implemented as a system. There is defense in depth, openness, flexibility and consistency.

The OT infrastructure best practices involves a robust, secure, scalable OT information infrastructure that is critical to digitalization and business continuity. The digitally-transformed businesses are best positioned to deal with the new normal. You have a converged plant-wide Ethernet (CPwE), industrial demilitarized zone, virtual computing or industrial data center, industrial cyber security, digital installed base, and OT managed services.

There is the ISA/IEC 62443 is a series of standards that define the procedures for implementing the electronically secure industrial automation and control systems. We help to secure the infrastructure, solutions, and products. The ISA 95 is part of the ICS network architecture best practices.

Goswamy said: "Visibility is the key! You need to know what you have, and what its attack surface is. Where is the asset physically located? What is the operational purpose of the attack? Visibility can drive your cyber security approach. You need to identify and protect, detect, and respond and recover, before, during and after any cyber attack. You can build a secure, robust, future-ready network for your connected enterprise. Assess, design, implement and monitor."

Rockwell Automation took an example of a global pharmaceutical company having 64 sites. They did network segmentation across 64 sites. There was deployment of threat detection services. There was focus on end-point security strategy. There was another North American oil and gas company, with 17 sites.

The steps taken have definitely improved the global OT cyber hygiene. It minimized the business continuity risk by reducing the probability of downtime due to a cyber security attack.

At the webinar, at least 57% participants were said to be working on developing a roadmap for cyber security in the industrial control system.

Approaches to take

Goswami advised that there is risk management. You need to create your own roadmap and profile. There is a need to streamline the OT security, standardization and improvement. There is a need to establish the asset visibility, determining the current risk posture, develop a base cyber hygiene program, and have OT network readiness.

The more foundational approach involves reviewing comprehensive installed base, deploy segmentation between the IT and OT environments, secure endpoints, deploy continuous threat detection, etc. A better approach involves modernizing the installed base, modernizing the OT network, etc.

Rockwell supports the complete project and system life cycle. It can help you assess the framework, and be a strategic advisor, and an IT/OT security practitioner, etc. Our partner ecosystem consists of security experts to help address the security concerns. Planning the roadmap is the most important thing! You need to do a strategy review, identify opportunity, etc. It  is the entire digitalization strategy. Manufacturing companies focus on their job, and not on IT/OT.

According to Eluvangal, Rockwell can manage the network 24/7. We are able to bring in managed services to augment the customers' capabilities. We can give secure remote access to the customers, if needed.

Goswami added that it is the current and the future states. We need to assess your assets. Do I assess the network or the security posture? That is a good starting point. We have the different assessment capabilities.