When it comes to IoT and OT security, vendors will tell you how important it is to have a cybersecurity solution in place. Yes, one cannot keep hackers at bay using firewalls or air gaps alone. But in addition to a cybersecurity solution, your industrial control systems (ICS), SCADA systems, PLCs, networks, and IoT devices can certainly do with a lot more diligence in formulating and deploying cybersecurity best practices. We are talking about simple practices that can improve your odds in the fight against hackers and cybercrime.
We have put together a few of these important IoT and OT security measures here:
- Improve patch management: this includes automating the discovery of unpatched systems and application of patches as and when they are made available. The entire lifecycle including the discovery of devices and systems, patch approval, distribution of updates, system and device reboot and finally logging of patch status should be automated
- Your cybersecurity team should ideally track Common Vulnerabilities and Exposures (CVEs) announcements and in case a patch for a vulnerability is not made available immediately, you can reach out to the OEM and ask for it or quarantine the affected systems till the patch is released. Vulnerabilities as old as months and years have been used in recent instances of ransomware attacks
- Know what is connected and why: in some oil and gas, and industrial control system deployments, we came across devices that were of 90’s vintage and not only were they unpatched for years together, but the OT operator in this case was not quite sure about the role of some of the devices. Your device and infrastructure inventory has to be updated frequently and these updates should be managed centrally by an inventory management team
- Run tabletop exercise, simulate an event: see how various teams respond to a IoT and OT Security incident, and more importantly, figure out how much of your data and infrastructure is at risk. This is not just from a cyberattack, but also missteps or mistakes in decision-making in the aftermath. It is better to have these errors show up during drills rather than during a real cyberattack
- Conduct audits at least once a month to ensure that you are adequately prepared to handle an incident from threat detection to neutralization and continuity of business perspective
- Always pay more attention to health and safety equipment and controls. Ensure that they are tamper-proof and working with adequate levels of IoT and OT security
- Sensitize employees on the need to be risk aware at all times. Convey a number to indicate the potential loss that the business could incur because of a cyberattack. This number should be based on analyzed data rather than raw assumptions.
These small steps can go a long way in securing your business and in raising awareness among employees. Beyond this, you can also look at going for IoT and OT focused threat intelligence, micro segmentation, and employee certification on cybersecurity to improve your overall IoT and OT security posture.
Try our rich IoT and OT-focused cyber threat intelligence feeds for free, here: IoT and OT Focused Cyber Threat Intelligence
Planning to upgrade your cybersecurity measures? Talk to our IoT and OT security experts here: Reach out to sectrio.
Visit our compliance center to advance your compliance measures to NIST and IEC standards: Compliance Center