The cyber physical world around us is becoming more digitised, which forces organisations to adopt new operational processes to stay afloat. This leads to an increased need for meaningful automated awareness that can address the scale of potential threats associated with the rise in connected cloud security environments within Operational Technology (OT) with Industrial Control Systems (ICS).
With diverse economies and societies, the Asia Pacific region is facing significant challenges when it comes to protecting OT with ICS that powers critical services such as water, power, oil and gas, telecommunications, and transportation services. To address the growing complexity and risks, governments within the region are pushing for initiatives that will boost the resilience of critical infrastructures against increasing cyberthreats.
In Singapore for instance, the government established the OT Cybersecurity Masterplan and Operational Technology Cybersecurity Expert Panel to enhance the security and resilience of the country’s critical sector – by tapping on the expertise of stakeholders such as the Government, operators of Critical Information Infrastructure (CII) facilities, and the academic sector to mitigate cyber threats in the OT environment.
In 2017, the Australian Government has established the Critical Infrastructure Centre, a national framework to bolster critical infrastructure security for telecommunication, electricity, gas, ports and water sectors. Also, as early as 2014, Japan has implemented The Basic Act on Cyber Security 2014 which has set principles, government responsibilities and objectives for cyber security which was enhanced in 2018 in preparation for the Tokyo Olympics & Paralympics.
The speed of technology-driven innovation is arguably faster than ever, which makes it difficult to enforce security controls continuously. When executing solution strategy to secure OT cloud environments, security teams must be able to address the following challenges:
- Broad attack surface: Amid the convergence of information technology (IT) and OT networks, as well as increased cloud adoption, the attack surface continues to broaden exponentially.
- Cloud misconfigurations: Building on the broadened attack surface, misconfigured cloud-based resources leave critical OT environments at risk. Malicious actors targeting a misconfiguration when moving laterally within the OT infrastructure can wreak havoc.
- Legacy IT: Moving legacy hardware and software, which are often decades old, to the cloud means potentially introducing a range of vulnerabilities to the infrastructure. This presents cyber criminals with an opportunity to leverage historical tradecraft to gain access and perform reconnaissance before employing more sophisticated techniques once they have achieved their target.
Why you need an efficient cloud security plan
Proactively protecting ICS is a crucial aspect of successfully mitigating risks in the Fourth Industrial Revolution era. Amid the digitisation of operations, organisations must be able to protect data as it moves back and forth between OT and IT infrastructures.
They should weave cybersecurity into their initial plans as new hybrid infrastructures are built and implement centralised network security across the IT and OT environments with a network operations centre (NOC), as well as all applications and platforms within the network.
Moreover, securing the business edge requires an adaptive approach to cloud security that spans across on-premise, multi-cloud, and hybrid infrastructures. As part of the plan, organisations can take a four-pillar approach to their adaptive cloud security strategy to yield continuous earned trust:
- Zero Trust: Using intent-based segmentation that interprets business and security requirements, then automatically converts them into a segmentation policy, can help isolate workflows and applications.
- Security-driven networking: Integrating network infrastructure with security architecture using an integrated security platform to enable access control and segmentation.
- Adaptive cloud security: Connecting resources to protect from multiple threat vectors while leveraging consistent models and integrating with third-party applications.
- Artificial Intelligence-driven security operations: Deploying technologies like artificial intelligence (AI) and machine learning (ML) coupled with automated processes can detect and neutralise threats at the speed of business.
Secure your IT/OT environments
Like any infrastructure expansion, the benefits of moving OT to the cloud can outweigh the risks. However, organisations must concurrently implement a robust security strategy to mitigate these potential risks.
This requires leveraging automation to improve processes, enhance analytic accuracy and reduce errors. To secure these IT/OT interconnected layers, organisations must view them as systems within systems and understand the complexity of the infrastructure it supports. Vigilance across the OT architecture must extend from the plant floor all the way up through to the cloud. Foundationally, visibility remains a primary problem to address as firms move toward a digitally transformed IT/OT environment.
These transformational challenges associated with migrating to the cloud can be addressed with the adoption of a platform built around a common operating system and management framework. By doing so, the system can continuously assess risks and automatically adjust to provide comprehensive real-time protection.
Having an integrated cybersecurity platform enables consistent security across the network, provides seamless interoperability and complete visibility, as well as granular control for hybrid deployments.
It enables organisations to build security by design with the broadest set of offerings to maintain the same level of security across their IT and OT network environments. The centralised management system enables OT businesses to configure, manage, and monitor all components, to eliminate silos and provide greater visibility.
Moreover, an integrated security architecture minimises threat detection and response times while also enabling automated incident response for enhanced threat remediation across the extended network.
All of these security solution components work together to ensure safe, sustained operations – a concept that is top of mind across OT and embodies the ICS infrastructure upon which they are built. By identifying and adopting services that provide sustained situational awareness, OT leaders can achieve a sense of omnipresence to protect the transactions of their new cloud businesses.
Peerapong Jongvibool is Regional Director, Southeast Asia and Hong Kong at Fortinet