The current year has been difficult on the cybersecurity front. Will 2022 bring relief to businesses? It seems unlikely, according to Syed Belal, director of cybersecurity consulting services at Hexagon PPM.
For Digital Journal, Belal considered what he thinks are the main trends of the coming year for operational technology (OT) cybersecurity, with a focus on “zero trust”. Zero Trust is a strategic initiative that helps prevent successful data breaches by removing the concept of trust from an organization’s network architecture.
Zero Trust is a security framework that requires all users, whether inside or outside the organization’s network, to be authenticated, authorized and continuously validated for security configuration and posture.
With more operational technology-related attacks on the horizon, Belal warns that we cannot become too reliant on promises of new technology solutions, like “zero trust”.
Zero Trust will not make its way to ICS / OT… for now
According to Belal, achieving Zero Trust is based on three key concepts. These are:
- All resources are securely accessible, regardless of location. This implies that no device / user / application should be trusted, on the assumption that threats are present both inside and outside the OT / ICS network.
- Adopt a least privilege policy and strictly enforce access control. In other words, disable any services / ports / protocols that are not required for the user’s job responsibility.
- Inspect and record all OT / ICS network traffic.
How likely is each of these elements to be in place and linked within a typical business?
Belal explains the importance of a “zero trust” synergy: “To achieve the three key concepts above, a continuous adaptive assessment of risk and trust in the OT network is necessary.”
He adds that these include:
- 100% OT / ICS endpoint discovery, visibility and control
- The ability to manage agentless Industrial Internet of Things (IIoT) devices and cyber OT systems
- Micro-segmentation to limit lateral movement through computer networks / industrial control systems (ICS) and contain breaches
- Continuous logging as part of Security Information and Event Management (SIEM), monitoring via Intrusion Detection Systems (IDS), and OT cybersecurity risk assessment and remediation.
How close are companies to achieving “zero trust”? According to Belal: “The objective is clear that OT / ICS must achieve the Zero Trust strategy. However, its adoption will take some time because, first of all, traditional approaches to micro-segmentation pose significant limitations that impact its effectiveness and uptake. Second, least privilege in OT / ICS is limited to users.”
The complexity of the goal is due to: “OT / ICS devices and applications that are designed to have administrator privileges and were not designed with the principle of least privilege in mind,” Belal explains.
As businesses prepare for the Zero Trust concept, Belal recommends: “Inspecting and blocking suspicious traffic has a high number of false positives and can block legitimate traffic, which will impact business uptime.”