One topic that continues to be discussed with prospects and customers is the risk they face daily with their OT cybersecurity deployments. Customers constantly question the ROI of deploying protection solutions and want to know which investments will deliver the greatest return on mitigation and investment. The section on critical initial attack vectors in the SANS 2024 State of ICS/OC Cybersecurity Report resonated. Cam explored the topic in our Zero Trust whitepaper, but the SANS report gets the data from the real world.
This is what the survey said:
Sadly, this result aligns perfectly with the investment question (covered in this blog) in showing that the most significant risk for OT is the network path with IT.
This isn’t a one-off. The report notes explicitly that IT is “historically the most commonly reported attack vector.” It makes the investment in a defensible architecture critical and highlights that credential theft (mainly phishing) and lateral movement are big problems for OT networks. The list above also reflects reconnaissance issues (external remote services, internet-accessible devices, exploit of public-facing applications, etc.) that lead to compromise.
So, the network connection between IT and OT is a big problem. Air gapping used to be a valid approach. However, the need to connect factories with advanced analytics and cloud services makes air-gapping inadequate today. I will leave you with one question to ponder as you digest the SANS report. Would your OT network be safer with a non-IT solution? Would it be safer with something analogous to a “protocol break” in the kind of security controls used to interrupt these attacks? I believe so. Do you want to have the same firewalls with the same CVEs? I believe not. If you want to see how you can build a defensible OT architecture, Schedule a demo and see how we can transform your OT network in less than 30 days.
Follow Us
Experience the simplicity of BlastShield to secure your OT network and legacy infrastructure.
.png)
.svg)