Jim Christian is mCloud's Chief Product and Technology Officer. An industry veteran of over 35 years, Jim leads mCloud's R&D and works to bring emerging technologies into mCloud's portfolio of solutions.
As we move into 2022, cybersecurity has become a top priority for many business leaders as they continue to plan the future of the companies they manage. This issue is especially important in the industrial sector, which is seeing increasing dependence on process automation and monitoring capabilities, in the form of “Operational Technology” (or “OT” for short) to remain competitive. These OT devices now connect critical infrastructure to the Internet, opening them up as potential vectors for malicious actors to exploit.
Just think back to the Colonial Pipeline fiasco in the summer of 2021. The company suffered a ransomware attack targeting the equipment used to operate the pipeline. They were forced to freeze all operations to contain the attack, paying millions in ransom to address the situation. The Colonial Pipeline attack highlights why IT (and now OT) teams in industrial sectors need to be constantly upping their cybersecurity game.
There are a number of additional strategies which can be adopted to further protect a company from cyber pitfalls, particularly as they pertain to its operational technology rather than its information technology. If you operate or maintain industrial assets with OT capabilities, there are some easy, often overlooked ways to up your cybersecurity game. Here are three of them:
#1 – Detection before prevention.
In industrial settings, the principal focus has been on preventing cybersecurity attacks through techniques such as isolation and firewalls, much like preventing a home invasion by installing secure door locks and upgrading your windows. Effective prevention is often greatly enhanced when applied in conjunction with methods to detect potential threats.
Detection adds another layer of defence, much in the same way a home’s security can be improved through the deployment of surveillance cameras, smart doorbells, and motion-sensitive lighting. OT detection solutions are now commercially available (check out mCloud’s own OT detection capabilities, powered by our friends at Armis), enabling the detection of any suspicious activity more quickly and helping to prevent or limit any potential damage before it’s too late. You might be surprised by how many old and risky Windows 2003 servers (a product that hasn’t been supported by Microsoft for nearly seven years) your business may still have in operation!
#2 – A “zero trust” approach makes assets harder to crack.
You may be familiar with “virtual private networks,” or VPNs, which are commonly used across many organizations to facilitate remote access to internal systems. While VPNs are often perceived to be secure, they’re often not as secure as they could be, because what a VPN basically does is open up a pipe between two networks. Generally speaking, users can do anything they like through that pipe. A VPN may be secure in the sense that it can be difficult to gain access to the pipe, but once inside, many VPNs set few restrictions.
Building access around zero trust principles means that, instead of opening up a pipe where anyone can do anything once authorized for access, you only open up selected traffic or protocols. For instance, instead of an employee accessing their company network via VPN, the company might set up access such that even individuals who have gained access to a system can only access specific applications inside the system. As a result, limiting user access can become an effective means of limiting potential cybersecurity risks.
#3 – Cover your blind spots.
In concert with #1 and #2, it is important to think critically about your systems and how they’re organized, identify potential weak points, and ensure there are plans to address them. The world’s best lock on your front door isn’t worth much if there isn’t one on your back door as well. Constant analysis and consideration of different possible scenarios will lead to better threat identification, and ultimately threat mitigation.
2022 may be a banner year for the adoption of OT systems and capabilities across industrial settings. Taking a thoughtful, proactive approach to mitigating and managing cybersecurity risks can make life much easier down the road – and your facilities much less attractive to malicious actors.