A new Skybox research study, “Cybersecurity risk underestimated by operational technology organizations” finds that network complexity, functional silos, supply chain risk, and limited vulnerability remediation options impede companies from securing their OT systems.
Over 78% of all respondents and 75% of CISOs and CIOs said complexity due to multivendor technologies pose a challenge to gaining complete visibility across their attack surface. In addition, 96% of energy and 87% of utilities respondents said the same.
Almost half of CISOs and CIOs said disjointed architecture across OT and IT environments and the convergence of IT technologies are two of their top three greatest security risks. And 56% of Security Architects and engineers said that one of the most significant risks to their OT environment is that misconfigurations will open their network to bad actors.
Without complete network visibility of the IT-OT attack surface, teams cannot see misconfigurations, understand vulnerability exposure, identify access policy violations, tackle weak security controls, and improve change management capabilities. Without these insights, companies will be ill-prepared to meet today’s cybersecurity challenges. Here are five steps companies can take to navigate complexity and shore up their OT security:
1. Strengthen security posture management
Because many companies lack a proactive approach to strengthen their security posture management systems, they are often reactive due to an inherent lack of resilience. Instead, organizations should be focusing on creating mature, consistent, and enterprise-wide security posture management programs. This joint approach across the IT and OT environments enables leaders to optimize security planning, deployment, and remediation processes to reduce exposure risk.
2. Implement automation to ensure continuous compliance
The propensity for human error to muck up IT and OT security is a problem that will only worsen. And that’s why automation is so critical to maximizing security posture.
Automating workflows, such as change processes and validation, removes human errors, streamlines operations, and reduces the risk of misconfigurations. For example, automated closed-loop workflows for firewall rule creation, recertification, and de-provisioning to close security gaps, limit vulnerability exposures, and maintain continuous compliance. For large companies, this type of automation is imperative to minimizing network risks.
3. Find exposed vulnerabilities with the network model
Organizations must see and understand their entire attack surface, including IT, OT, virtual and multi-cloud networks. Illuminating the whole network provides a better, more complete foundation to understand risks anywhere in the organization. How do you do that? With a network model. A network model provides a visualization of all network elements across an organization’s various environments combined with understanding all the rules and configurations. With network modeling, you can run security assessments and simulations against all the devices, vulnerabilities, and configurations within the security environment.
Security, IT, and OT teams can gain the context needed to implement automation across a wide range of operational security processes. Network modeling provides the insights and visibility needed to perform accurate exposure analysis. The ability to prioritize the most dangerous vulnerabilities reduces downtime and other operational impacts.