Who takes care of security in the OT?

24. June, 2021

IT and OT are growing closer together – with many opportunities on the one hand and a risk that needs to be actively hedged on the other. The Confare Digital CIO ThinkTank on IT-OT convergence provided exciting insights into both worlds and helpful tips from the experts.

With the question, “Who is responsible for OT security at your company?” OT security specialist and market leader Nozomi Networks likes to trigger a thought process. “Usually, the person in charge of the plant raises his or her hand. However, when asked, ‘Physical security or cybersecurity?’ he points to IT – and IT in turn points back to OT, because, ‘After all, we’re not allowed to do anything at all in OT.’” This is how Will Stefan Roth, Sales Director DACH, Eastern Europe & Baltics at Nozomi Networks, experiences many typical initial discussions with companies: “Often, processes are not yet really aligned. In recent months, however, we have observed a change in thinking; things are moving in the right direction.”

Focus on solutions instead of technologies

The OT security industry is comparatively young. At the moment, companies are becoming more aware, and project teams are being set up. They are the first key to success, as industrial cyber security expert and OT practitioner Herbert Dirnberger of IKARUS knows: “The secret of good convergence is to set up interdisciplinary teams that are not technology-focused, but solution-focused. Different languages, locations, training – the more colourful, the better!”

“We have to start looking at IT and OT as a total work of art. You can’t have IT security without OT security, and you can’t have OT security without IT security,” says Will Stefan Roth, explaining the interdisciplinary approach: “In operational technology, security has a lot to do with transparency – I can’t protect what I can’t see. Our technologies make production networks visible, including asset inventory, communication, protocols, process variables, manufacturers, firmware and current device status. At the same time, thanks to threat intelligence, we provide a great deal of information that is also of interest to IT – from system-related vulnerabilities to learned or predefined deviations and anomalies.”

IT and OT security in individual steps

In daily business, most threats come from IT. Threats such as ransomware attacks can spread to OT with devastating consequences. “Secure networking of IT and OT is nevertheless feasible,” says Herbert Dirnberger: “If it’s done right, it’s even easy to do.” Stefan Roth confirms: “Even with the means already available, a significantly higher level of security can usually be achieved by optimizing the segmentation and configuration of the networks.” Security can and may also be implemented in individual steps.

The Defense-in-Depth concept describes well-planned, actively practiced OT security rolled out in three layers: Plant Security covers physical access to the plant, Network Security covers secure network communications, and System Integrity covers operational measures and fine-tuning. Cybersecurity begins with a risk assessment across the entire IT, OT and IoT environment, which provides visibility of all assets. Nozomi Guardian’s technology automatically detects and visualizes industrial assets and their multiple protocols. Thanks to seamless integration into a Security Operation Center, all security-relevant data from IT and OT systems can be brought together.

As a Platinum Partner and local system integrator, IKARUS provides companies with the ability and resources to use the technologies of Nozomi (OT security), FireEye (SOC/SIEM) and IKARUS (malware protection) in a resource-efficient manner, i.e. without increasing the operational effort. You receive the tools and knowledge to automatically create an up-to-date, holistic picture of your cybersecurity situation at any time, to reliably protect against misconduct, insecure configurations, anomalies and threats, and to detect complex attacks. Only in this way can you react in real time and minimize or avert the potentially severe consequences.

Ask us your questions at sales@ikarus.at or +43 1 58995-500!
