As cyberthreats continue to evolve, so must the countermeasures we take to deal with them.
SANS, the preeminent international organization for cybersecurity leadership, training and certification, recently conducted a survey on ICS/OT security for a broad range of industry verticals ranging from energy, chemical, critical manufacturing and nuclear , water management and more to ascertain where these industries invest when it comes to their ICS/OT cybersecurity coverage. Here are three takeaways from the survey results.
Focus on visibility into all connected assets across the network
At the top of the list of initiatives to act on in the next 18 months for over 41% of the interviewees we find the desire to improve visibility on assets connected to the network. Having a solution in place that provides the operator with a clear picture of what is connected on the network, key information about the devices present and connected (country of origin, firmware, make and model, etc.), and threat level, goes a long way towards mitigate the risk of accidents and intrusion, but this is only the first step: let's not stop here. We seek to implement protective controls that reduce risk and position us further up the cybersecurity maturity curve.
Stay up-to-date on the risks of temporary assets and removable media
While surprisingly low on the list of malicious threat vectors in this survey, we know that transient resources and removable media present considerable risk, especially for those industries that require air-gapped networks for enhanced security. Implementing a solution that scans temporary assets and removable media before they have a chance to interface with your company's network is critical to not only protecting your company, employees and customers, but also staying aligned with latest compliance regulations.
Proactive – Non-reactive
If there is one last conclusion we can draw from the report, it is that there is no single solution to adopt when it comes to securing ICS/OT environments and that having a proactive and multidisciplinary strategy is the most comprehensive approach to avoid intrusions across all major threat vectors. So don't wait to have to react actively to a cyber threat: the best strategy is to have a plan in place with reliable and proactive preventive measures already in place and active.
OPSWAT Solutions
OPSWAT's proposed solutions support a wide range of use cases and help mitigate the vulnerabilities discussed above. Speak to one of our experts today to schedule a free demo and find out how OPSWAT can protect you from cyber threats.
