Caute_cautim
Community Champion

Your OT is no longer protected - it is a fair target.

Hi All

 

When will organisations wake up to the fact that critical infrastructure must be protected at all costs, especially if it is interconnected to systems which affect human lives?

 

https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html

 

Regards

 

Caute_Cautim

 

 

6 Replies
dcontesti
Community Champion

So having worked in that environment for years, I watched the environment change from being air gapped, to being fully connected.  And things started to change dramatically.  

 

Some of the things that can be done are firewalling.....although not the end of the story.

 

We need to train both Security and Audit folks on the risks/threats to these systems. There is training from SANS (have not taken it, but I hear it is quite good). Another spot that does offer some assistance with ICS Security is the INL (however, spots are limited and usually are booked months in advance, typically being booked by US firms).

 

We as Security folks know well how to protect our IT systems, but not necessarily how to change the protections for OT.  Some things that can help: disable ports.  Why not disable some of the well-known ports (from 0 to 1023) on OT systems?  Do you really need port 25 open? Or port 18 or port 79?  I recommend that folks spend the time and look at the ports that are open and shut down unused or unnecessary ports.

 

If you are in OT, ask the folks in IT to help do a proper Risk Assessment.  Once you have that in hand, you will have some of the information that you need to convince Management to spend the money.

 

We are starting to see conferences focused simply on OT security.  Try to attend one.

 

Work with the folks in IT to handle things like Patching and Anti-virus.  Anti-virus (at least a good one) can be configured to exclude specified directories.  Schedule patching during planned system outages. Common vulnerabilities cited across five NIST Cybersecurity Framework categories can often lead to preventable breaches. For example, only 33% employ effective OT patch management today.

 

This is not meant to be inclusive, one could write a book on this subject and still not cover all the bases.  Please do not read, if I do all this, I am protected.

 

My nickel

 

d
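Added example, not part of the thread: one way to do the open-port review suggested in the post above without actively scanning the OT host, by reading its own listener table. The allowlist (22 and 502) and the sample `ss -H -tln` output are constructed assumptions for illustration.

```python
# Assumption: ports this host legitimately needs; 22 (SSH) and 502 (Modbus/TCP)
# are illustrative choices, not taken from the thread.
ALLOWED = {22, 502}
WELL_KNOWN_MAX = 1023  # the post's "well-known ports" range is 0 to 1023

# Constructed sample of `ss -H -tln` output (TCP listeners, numeric, no header).
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
LISTEN 0 5 127.0.0.1:79 0.0.0.0:*
LISTEN 0 128 [::]:502 [::]:*
LISTEN 0 128 *:8080 *:*
"""


def parse_listeners(text):
    """Yield (address, port) for each LISTEN row of `ss -H -tln` output."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        # rpartition splits on the last colon, so IPv6 literals stay intact.
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            yield addr.strip("[]"), int(port)


def is_loopback(addr):
    """True when the socket is bound to a loopback address only."""
    return addr.startswith("127.") or addr == "::1"


def audit(text, allowed=ALLOWED):
    """Return well-known-range listeners that are not on the allowlist."""
    findings = []
    for addr, port in parse_listeners(text):
        if port > WELL_KNOWN_MAX or port in allowed:
            continue
        exposure = "loopback only" if is_loopback(addr) else "network reachable"
        findings.append((port, addr, exposure))
    return sorted(findings)


if __name__ == "__main__":
    for port, addr, exposure in audit(SAMPLE):
        print(f"port {port} listening on {addr} ({exposure}): justify or disable")
```
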

 

 

 

 

 


dcontesti
Community Champion

After posting my reply to this one, I received this file.

 

Part of it is a sales pitch, their offering does look interesting.

 

 

 

 

 

Caute_cautim
Community Champion

@dcontesti Definitely a practical guide, as you say, if part sales pitch...

 

Regards

 

Caute_Cautim

Caute_cautim
Community Champion

@dcontesti A timely reminder and lessons learnt:

 

https://www.helpnetsecurity.com/2021/10/29/ot-security-lessons/

 

Regards

 

Caute_Cautim

CraginS
Defender I

Here's a writing tip, useful in the forum and in all writing:

EVERY time you use an acronym, clearly identify it on first use.

Also, remember, infosec/cybersec is a cross-domain and multidiscipline field. Not everyone has the same baseline knowledge and life experience. Further, this forum is open to folks who think they want to become infosec professionals.

OT

Old Testament

Operating Thetan

Overtime

Off topic

Oxygenated Treatment

Occupational Therapy/ist

Offensive Tackle

Oxytocin

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
dcontesti
Community Champion

Thanks Craig for the reminder.  I worked in Operating Technology (OT) for so long that I sometimes forget.

 

d