Protecting industrial operations from cyberthreats should always be top of mind. However, with operations networks being often very complex and cyber threats growing increasingly more sophisticated, it can be difficult to know where to start. Kam Chumley-Soltani recently held a webinar outlining best practices to protect your industrial environment from cyber threats. Kam is a Technical Solutions Architect in Cisco's industrial IoT group, working with customers every day to help them drive their OT security projects. Sign up to watch the replay: Protecting industrial networks from cyber threats: Where do I start?
In the webinar, Kam recommends a stepped approach towards a mature ICS/OT security strategy, implementing the following best practices:
You can't secure what you don't know about. You need full visibility into your industrial network and OT security posture, so you have the information you need to reduce the attack surface, segment the industrial network, and enforce cybersecurity policies. Cisco Cyber Vision gives you real-time, detailed visibility into your industrial assets, their communication patterns, and application flows. It embeds visibility capabilities into industrial network equipment, so there's no need for dedicated security appliances or to build out-of-band SPAN collection networks.
Network segmentation is key to securing your network and protecting critical industrial processes. It's also a requirement of the ISA/IEC62443 security standards. Using dedicated security appliances for zone segmentation requires you to deploy additional hardware, create and maintain firewall rules, or even change network wiring and IP addresses. You can avoid this extra cost and complexity by extending software-based network segmentation policies to industrial control networks. Cisco Identity Services Engine (ISE) works with network switches, routers, and wireless access points to restrict communications as per the defined zones. And it uses groups defined in Cyber Vision to allow/deny communications for each asset and drives collaboration between IT and OT teams.
Watch our webinar on demand on how to comply with the ISA/IEC62443 security standards.
Remote access is key for operations teams, vendors, and contractors to configure, maintain, and troubleshoot OT assets without time-consuming and costly visits. However, many existing remote access solutions create security backdoors or come with many tradeoffs Cisco Secure Equipment Access (SEA) is solving the challenges of deploying secure remote access to operational assets at scale and brings all the benefits of a zero trust network access (ZTNA) solution to industrial operations. There is no dedicated hardware to install and manage and no complex firewall rules to configure and maintain.
If you want to learn more, watch our panel discussion on ZTNA during the 2023 IIoT World Cybersecurity Day.
For more details on how to get started with your industrial security journey, watch Kam's webinar replay or come to the SecurityWeek ICS Cybersecurity Conference in Atlanta next week, where Anastasia Mills and Kam Chumley-Soltani will be presenting a breakout session on Wednesday, October 25 at 10:25 am PST.
This is the largest and longest-running event series focused on industrial cybersecurity. The conference attracts ICS stakeholders across a host of industries and a variety of OT, IT, government, vendors, and more. Make sure you stop by the CiscoBooth#18to discuss further and meet the team.