How to Stay Ahead of Cyber Threats in the Industrial Sector
Protect your operational technology (OT) systems from evolving cyber risks and challenges in the post-pandemic world
The COVID-19 pandemic accelerated digital transformations in the industrial sector at an unprecedented speed, leading to increased digitalization, connectivity and remote access to OT systems. While these changes offer various benefits, they concurrently pose new challenges, notably the increased exposure and vulnerability of OT systems to cyber threats. Such threats can have serious consequences for the safety, productivity, profitability and reputation of industrial organizations. How can you improve security for your OT systems from emerging cyber threats and trends, and what practices and solutions can enhance your cybersecurity posture and resilience?
To answer these questions, professionals in the field of OT cybersecurity shared their insights and experiences in a recent webinar hosted by Honeywell, Takepoint Research and Industrial Cyber. The webinar featured a lively and informative discussion among three panelists: Paul Smith, Director of Engineering for Cybersecurity at Honeywell Connected Enterprise; Dimple Shah, Senior Director of Global Technology and Data Policy at Honeywell; and Paul Griswold,Chief Product Officer for Cybersecurity at Honeywell Connected Enterprise. They were joined by Jonathan Gordon, Head of the Industrial Cybersecurity Analyst team at Takepoint Research, who moderated the conversation.
Here are some of the key takeaways.
The impact of the pandemic on OT cybersecurity and implications for the future
The pandemic accelerated the digitalization and connectivity of industrial assets, emphasizing the need for remote access and monitoring of OT systems. While this enhanced efficiency, performance and flexibility, it also expanded the attack surface and exposure of OT systems to cyber threats. These threats encompass nation-state actors, ransomware, IoT devices, cloud services and quantum computing.
Consequently, cybersecurity became crucial for enhancing operational reliability and safety. A comprehensive and holistic approach covering people, processes and assets involved in the OT environment is fundamental. Resilience and business continuity are paramount, particularly for organizations providing essential services or critical infrastructure. Cybersecurity strategies must align with business objectives, emphasizing risk reduction and performance optimization.
Best practices for securing OT systems
Helping improve security for OT systems involves more than protecting IT systems; it requires safeguarding physical processes and assets. To enhance OT security:
- Establish a dedicated OT cybersecurity program (supported by solutions like Honeywell Forge Cybersecurity+ | Cyber Insights) that aligns with your business goals and safety culture and has clear leadership, processes, metrics and budget.
- Conduct regular assessments and audits of your OT environment while collaborating with IT, security, legal, compliance and third-party partners.
- Implement a layered, defense-in-depth strategy, incorporating network segmentation, data encryption, user authentication, action authorization, traffic monitoring, endpoint protection, file backup and system patching incidence response.
- Educate and train your OT personnel on cybersecurity awareness, best practices and policies.
- Engage methods that explain the cyber risks and impacts in terms they can understand and relate to.
Finally, participate in public-private partnerships and industry groups that facilitate the sharing of information, intelligence, best practices, and lessons learned among peers and experienced professionals in the OT cybersecurity domain. Sharing information, best practices, and resources among different stakeholders, such as OT, IT, government, regulators, vendors, and customers, helps to improve your organization’s cyber defense posture and response capabilities. Some of the initiatives and platforms that facilitate such collaboration include the Industrial Internet Consortium, the ISA Global Cybersecurity Alliance and the Cybersecurity and Infrastructure Security Agency.
Common pitfalls to avoid
Avoiding common pitfalls is crucial for effective cybersecurity efforts:
- Do not assume that OT systems are isolated or immune to cyber attacks.
- Avoid applying IT-centric cybersecurity practices and tools to the OT environment without considering domain differences.
- Do not neglect the human factor and the organizational culture shaping OT cybersecurity behavior and outcomes.
Innovation and collaboration for cybersecurity enhancement
Innovation and collaboration play pivotal roles in bolstering industrial organizations’ cybersecurity posture and resilience.
Embrace innovation and new technologies like AI, machine learning, blockchain, encryption, cloud and edge computing to help improve the security, efficiency and performance of the OT systems.
Leverage collaboration to achieve common goals. Actively collaborate with OT and IT teams, government bodies, regulators, vendors and customers to share insights and establish robust cybersecurity measures.
Honeywell prioritizes fostering innovation and collaboration in OT cybersecurity, engaging with partners and customers, and actively participating in industry initiatives to share information and best practices.
For more insights, watch the webinar recording and download the slides and Q&A document.
Stay connected with Honeywell for future events by contacting us to join the email list.