Here is a four-pillar approach to an adaptive cloud security strategy that can straddle the broad attack surfaces of converged OT/ICS.
In the Asia Pacific region, significant challenges exist in protecting operational technology (OT) and the Industrial Control Systems (ICS) that power critical services such as water, power, oil and gas, telecommunications and transportation.
To address the issue, regional governments are pushing for initiatives to boost the resilience of critical infrastructures against increasing cyber threats. However, the speed of technology-driven innovation is arguably faster than ever, making it difficult to enforce security controls continuously.
When executing a strategy to secure OT cloud environments, security teams must be able to address the following challenges:
- Broad attack surfaces: Amid the convergence of IT and OT networks, as well as increased cloud adoption, the attack surface continues to broaden exponentially.
- Cloud misconfigurations: Compounding the broader attack surface, misconfigured cloud-based resources leave critical OT environments at risk. A malicious actor who finds such a misconfiguration while moving laterally within the OT infrastructure can wreak havoc.
- Legacy IT: Moving legacy hardware and software (often decades old) to the cloud potentially introduces a range of vulnerabilities to the infrastructure. This presents cybercriminals with an opportunity to use historical tradecraft to gain access and perform reconnaissance before employing more sophisticated techniques once they reach their target.
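The misconfiguration problem above is concrete enough to check for: a cloud security group that opens an ICS protocol port to the internet, or to the corporate IT address space, is exactly the lateral-movement foothold the bullet describes. The following is an added example, not code from the article or from any vendor product. It audits a constructed, provider-neutral list of ingress rules (the `SAMPLE_RULES` shape, the `OT_ZONES` range and the rule ids are all hypothetical) and flags any rule that exposes a well-known OT protocol port to a source outside the OT zone; the port numbers are the protocols' registered ports.

```python
"""Flag cloud security-group rules that expose OT protocol ports beyond
the OT zone.  Added example; the rule format below is a hypothetical,
provider-neutral shape constructed for illustration."""
import ipaddress

# Registered ports of common ICS protocols.
OT_PORTS = {
    102: "Siemens S7 (ISO-TSAP)",
    502: "Modbus/TCP",
    4840: "OPC UA",
    20000: "DNP3",
    44818: "EtherNet/IP",
}

# Constructed: address space that legitimately hosts OT assets.
OT_ZONES = [ipaddress.ip_network("10.50.0.0/16")]

# Constructed sample export: one security-group rule per entry.
SAMPLE_RULES = [
    {"id": "sg-001", "direction": "ingress", "protocol": "tcp",
     "from_port": 502, "to_port": 502, "source": "0.0.0.0/0"},
    {"id": "sg-002", "direction": "ingress", "protocol": "tcp",
     "from_port": 502, "to_port": 502, "source": "10.50.1.0/24"},
    {"id": "sg-003", "direction": "ingress", "protocol": "-1",
     "from_port": 0, "to_port": 65535, "source": "10.20.0.0/16"},
    {"id": "sg-004", "direction": "egress", "protocol": "tcp",
     "from_port": 502, "to_port": 502, "source": "0.0.0.0/0"},
    {"id": "sg-005", "direction": "ingress", "protocol": "tcp",
     "from_port": 443, "to_port": 443, "source": "0.0.0.0/0"},
]


def ot_ports_in_range(lo, hi):
    """Return the OT ports covered by an inclusive port range."""
    return [p for p in OT_PORTS if lo <= p <= hi]


def source_is_ot_zone(cidr):
    """True when the source CIDR lies entirely inside a trusted OT zone."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == z.version and net.subnet_of(z) for z in OT_ZONES)


def audit_rules(rules=SAMPLE_RULES):
    """Return one finding per (rule, OT port) reachable from outside the OT zone."""
    findings = []
    for r in rules:
        # Only inbound TCP (or any-protocol) rules can expose a listening OT service.
        if r["direction"] != "ingress" or r["protocol"] not in ("tcp", "-1"):
            continue
        if source_is_ot_zone(r["source"]):
            continue
        unrestricted = ipaddress.ip_network(r["source"], strict=False).prefixlen == 0
        for port in ot_ports_in_range(r["from_port"], r["to_port"]):
            findings.append({
                "rule_id": r["id"],
                "port": port,
                "service": OT_PORTS[port],
                "source": r["source"],
                # Internet-wide exposure is worse than exposure to an IT segment.
                "severity": "HIGH" if unrestricted else "MEDIUM",
            })
    return findings


if __name__ == "__main__":
    for f in audit_rules():
        print(f"{f['severity']:6} {f['rule_id']} port {f['port']} "
              f"({f['service']}) open to {f['source']}")
```

Against the sample export the check reports the internet-facing Modbus rule as HIGH and the any-port rule from the corporate range as five MEDIUM findings, one per OT protocol it reaches; the rule scoped to the OT subnet and the unrelated HTTPS rule produce nothing. In practice the loader would be replaced by the cloud provider's rule export and `OT_ZONES` by the real OT address plan.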
Tips for a strong cloud security plan
Amid the digitalization of operations, organizations must be able to protect data as it moves back and forth between OT and IT infrastructures. They should weave cybersecurity into their initial plans as new hybrid infrastructures are built, and implement centralized network security across the IT and OT environments, including all applications and platforms within the network, coordinated through a network operations center (NOC).
Moreover, securing the business edge requires an adaptive approach to cloud security that spans on-premises, multi-cloud, and hybrid infrastructures. As part of the plan, organizations can take a four-pillar approach to their adaptive cloud security strategy to yield continuous earned trust:
- Zero Trust: Use intent-based segmentation that interprets business and security requirements and automatically converts them into a segmentation policy that isolates workflows and applications.
- Security-driven networking: Integrate the network infrastructure with the security architecture on an integrated security platform to enable access control and segmentation.
- Adaptive cloud security: Connect resources to protect against multiple threat vectors while applying consistent models and integrating with third-party applications.
- AI-driven security operations: Deploy AI and machine learning, coupled with automated processes, to detect and neutralize threats at the speed of business.
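The Zero Trust pillar above describes intent-based segmentation: requirements are stated in business terms (which roles may talk to which, over which protocol) and compiled into an enforceable policy, with anything not stated denied. The block below is an added example of that compilation step and is not code from the article or from any product. The asset inventory, the intents, the zone model in `ALLOWED_INTO` and the rule tuple shape are all constructed assumptions; the compiler refuses an intent that would let a corporate or cloud zone reach the plant floor directly, and emits a default-deny rule last so that first-match evaluation blocks every flow no intent covers.

```python
"""Compile segmentation intents into concrete allow rules with a default
deny.  Added example: the asset inventory, intents and zone model are
constructed for illustration and are not any product's policy language."""

# Constructed inventory: each asset carries a zone and functional roles.
ASSETS = [
    {"name": "plc-01", "ip": "10.50.1.10", "zone": "plant-floor", "roles": {"plc"}},
    {"name": "plc-02", "ip": "10.50.1.11", "zone": "plant-floor", "roles": {"plc"}},
    {"name": "historian", "ip": "10.60.0.5", "zone": "dmz", "roles": {"historian"}},
    {"name": "analytics", "ip": "10.70.0.20", "zone": "cloud", "roles": {"analytics"}},
    {"name": "eng-ws", "ip": "10.20.3.40", "zone": "corporate", "roles": {"engineering"}},
]

# Constructed business intents, stated in terms of roles rather than addresses.
INTENTS = [
    {"desc": "historian polls PLC registers",
     "src_role": "historian", "dst_role": "plc", "ports": [502]},
    {"desc": "cloud analytics reads the historian",
     "src_role": "analytics", "dst_role": "historian", "ports": [443]},
]

# Security requirement (constructed): which zones may originate traffic into
# each zone.  A violating intent is refused at compile time, not merely denied.
ALLOWED_INTO = {
    "plant-floor": {"plant-floor", "dmz"},
    "dmz": {"dmz", "plant-floor", "cloud", "corporate"},
    "cloud": {"cloud", "dmz"},
    "corporate": {"corporate", "dmz"},
}


def assets_with_role(assets, role):
    """All inventory entries that carry the given functional role."""
    return [a for a in assets if role in a["roles"]]


def compile_policy(assets=ASSETS, intents=INTENTS):
    """Expand role-based intents into (src_ip, dst_ip, port, action) rules."""
    rules = []
    for intent in intents:
        for src in assets_with_role(assets, intent["src_role"]):
            for dst in assets_with_role(assets, intent["dst_role"]):
                if src["zone"] not in ALLOWED_INTO[dst["zone"]]:
                    raise ValueError(
                        f"intent '{intent['desc']}' would let zone {src['zone']} "
                        f"reach zone {dst['zone']} directly")
                for port in intent["ports"]:
                    rules.append((src["ip"], dst["ip"], port, "allow"))
    # Default deny: everything not expressed as an intent is blocked.
    rules.append(("*", "*", "*", "deny"))
    return rules


def is_allowed(rules, src_ip, dst_ip, port):
    """First-match evaluation of a compiled policy."""
    for r_src, r_dst, r_port, action in rules:
        if (r_src in ("*", src_ip) and r_dst in ("*", dst_ip)
                and r_port in ("*", port)):
            return action == "allow"
    return False


if __name__ == "__main__":
    for rule in compile_policy():
        print(rule)
```

The two intents expand to three address-level allow rules (the historian to each PLC on 502, analytics to the historian on 443) followed by the deny-all, so an engineering workstation in the corporate zone cannot reach a PLC even though no rule mentions it. Adding an intent such as "engineering workstation to PLC on 102" raises a `ValueError` because the zone model forbids corporate-to-plant-floor flows; the business request has to be re-expressed through the DMZ before it can become policy.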
Securing converged IT/OT environments
To secure the interconnected layers of IT and OT in the cloud, organizations must view them as systems within systems and understand the complexity of the infrastructure they support. That means:
- Foundationally, as firms move toward a digitally transformed IT/OT environment, visibility remains a primary problem to address. Vigilance across the OT architecture must extend from the plant floor all the way up through to the cloud.
- Transformational challenges associated with migrating to the cloud can be addressed with the adoption of a platform built around a common operating system and management framework. By doing so, the system can continuously assess risks and automatically adjust to provide comprehensive real-time protection.
- Having an integrated cybersecurity platform enables consistent security across the network, so that it can provide seamless interoperability and complete visibility, as well as granular control for hybrid deployments. It enables organizations to build security-by-design with the broadest set of offerings to maintain the same level of security across their IT and OT network environments.
- A centralized management system enables OT businesses to configure, manage, and monitor all components to eliminate silos and provide greater visibility. Moreover, an integrated security architecture minimizes threat detection and response times while also enabling automated incident response for enhanced threat remediation across the extended network.
All of these security solution components work together to ensure safe, sustained operations—a concept that is top-of-mind across OT and is fundamental to ICS infrastructure.
By identifying and adopting services that provide sustained situational awareness, OT leaders can achieve a sense of omnipresence to protect the transactions of their new cloud businesses.