Defending industrial networks from cyber threats. The place do I begin?

Defending industrial operations from cyberthreats ought to at all times be prime of thoughts. Nonetheless, with operations networks being usually very complicated and cyber threats rising more and more extra subtle, it may be troublesome to know the place to begin. Kam Chumley-Soltani just lately held a webinar outlining finest practices to guard your industrial surroundings from cyber threats. Kam is a Technical Options Architect in Cisco’s industrial IoT group, working with clients day by day to assist them drive their OT safety tasks. Signal as much as watch the replay:  Defending industrial networks from cyber threats: The place do I begin?

Within the webinar, Kam recommends a stepped strategy in direction of a mature ICS/OT safety technique, implementing the next finest practices:

1. See every thing in your industrial community

You may’t safe what you don’t learn about. You want full visibility into your industrial community and OT safety posture, so you’ve the data it is advisable cut back the assault floor, section the commercial community, and implement cybersecurity insurance policies. Cisco Cyber Imaginative and prescient offers you real-time, detailed visibility into your industrial belongings, their communication patterns, and utility flows. It embeds visibility capabilities into industrial community gear, so there’s no want for devoted safety home equipment or to construct out-of-band SPAN assortment networks.

2. Phase the community into smaller belief zones

Community segmentation is vital to securing your community and defending vital industrial processes. It’s additionally a requirement of the ISA/IEC62443 safety requirements. Utilizing devoted safety home equipment for zone segmentation requires you to deploy extra {hardware}, create and keep firewall guidelines, and even change community wiring and IP addresses. You may keep away from this additional price and complexity by extending software-based community segmentation insurance policies to industrial management networks. Cisco Identification Providers Engine (ISE) works with community switches, routers, and wi-fi entry factors to limit communications as per the outlined zones. And it makes use of teams outlined in Cyber Imaginative and prescient to permit/deny communications for every asset and drives collaboration between IT and OT groups.

Be part of us for a webinar on October 31 for extra particulars on the way to adjust to the ISA/IEC62443 safety requirements.

3. Safe distant entry to OT belongings

Distant entry is vital for operations groups, distributors, and contractors to configure, keep, and troubleshoot OT belongings with out time-consuming and expensive visits. Nonetheless, many present distant entry options create safety backdoors or include many tradeoffs Cisco Safe Tools Entry (SEA) is fixing the challenges of deploying safe distant entry to operational belongings at scale and brings all the advantages of a zero belief community entry (ZTNA) resolution to industrial operations. There isn’t a devoted {hardware} to put in and handle and no complicated firewall guidelines to configure and keep.

If you wish to study extra, be a part of us for a session on ZTNA on October 25 for IIoT World Cybersecurity Day. 

For extra particulars on the way to get began together with your industrial safety journey, watch Kam’s webinar replay or come to the SecurityWeek ICS Cybersecurity Convention in Atlanta subsequent week, the place Anastasia Mills and Kam Chumley-Soltani can be presenting a breakout session on Wednesday, October 25 at 10:25 am PST.

That is the most important and longest-running occasion collection centered on industrial cybersecurity. The convention attracts ICS stakeholders throughout a bunch of industries and quite a lot of OT, IT, authorities, distributors, and extra. Be sure to cease by the Cisco Sales space #18 to debate additional and meet the crew.

Share: