How to Implement Zero Trust Architecture in OT Environment

How can we implement zero trust architecture in an OT environment?

So, we start... that's a great question. Again, one of the first things to implement a complete zero trust architecture is to start early on, in the design phase of the OT environment, knowing that we will not be able to go back because the infrastructure already is in place. So the first thing we currently propose, and usually what we work on with our customers, is, even before, you know, deploying the product or installing technology that can focus on what the security detection or the response should look like, the first thing we look at is: what are the current, you know, accesses? What do the threat assessment and threat landscape look like? So based on the scanning we say, hey, there could be policy checks that are done, and then: what are the accesses? Who has the accesses? Who is authorized to use either the whole network or even a part of the network? And then we map this out, telling: is this access even available? And then following the, you know, methodology of least privilege. So the first thing is, if anybody does not require access, in this case accessing any type of your OT environment or any endpoints in the OT environment, then it should be revoked or completely removed. So that's the first step.

Then we move on to the technology aspects of it, where now we are seeing that there are quite a lot of, you know, IT and OT integrated environments, and environmental issues that we are seeing a lot. So what systems, how exactly are these message communications happening? Are we seeing any certain type of OT commands? So sometimes, inherently, we have seen that there are specific OT commands that are being executed and run on some of these devices just for testing, for certain types of checks that they are performing. So making sure who's executing this command, are these... and then looking at these systems and devices: at the end of the day they could be Linux, they could be Windows-based systems or servers. And basically looking at what commands are allowed to be executed in this OT environment and disabling anything that is not allowed. And then doing a thorough architectural analysis based on the vulnerability assessment and testing of those devices, and then addressing those vulnerabilities.

So I think these are the top two to three ways we can actually start looking at zero trust for the overall, you know, infrastructure within the OT environment, and then continue to maintain it.
