Zero trust and remote access analysis for OT environments – Technologist
Cyolo has partnered with KuppingerCole and released an industry analysis focused on zero trust and remote access for operational technology (OT) environments.
The analysis reveals key insights about the OT cybersecurity threat landscape, outlines high-level security architecture for OT, critical infrastructure systems (CIS) and industrial control systems (ICS), and evaluates key requirements of security regulations and frameworks.
OT environments experience the same kinds of threats as enterprise IT – including ransomware, account takeovers, APTs, and supply chains as vectors – while experiencing expanded OT-specific threats.
While traditional IT security tools may be adapted, developing robust security architectures for OT environments is inherently complex compared to their IT counterparts. Its unique nature, from equipment and software to communication protocols requires dedicated OT security solutions.
Key insights
OT threat landscape. Heightened geopolitical factors have intensified attacks on OT and ICS, posing significant consequences ranging from operational disruptions and service denial to financial repercussions and potential harm to human well-being.
Core cybersecurity regulations. The risks and consequences of cyber-attacks against critical infrastructure advanced regulations globally mandating secure architectures and technical controls. KRITIS and the follow-on IT Security Act 2.0 are related examples of such regulations, as well as the NIST Cybersecurity Framework.
OT security architectures and key functionalities. There are eight areas of functionality that are central to effective OT security architectures. Cybersecurity architectures for OT must address asset discovery, access control, IT security tool integration, detection and response capabilities, and OT protocol-level threats.
As the analysis breaks down, within critical infrastructure interruptions and downtime are not an option. To address the increasing need for secure access in OT environments, Cyolo introduced Cyolo 4.3, which expands key capabilities with more layers of security and makes the product easier than ever to use for both administrators and end users in the industrial space.
With Cyolo 4.3, industrial organisations will be able to extend their multi-factor authentication (MFA) across environments through integration with Duo Security to support their physical tokens as required.
Cyolo has implemented another layer of security for file transfer within the OT/ICS environment, through query anti-virus software to scan files before they are delivered to their destination. The company is also adapting for further usability, allowing teams to securely invite external users by generating a secure one-time password; and import groups from existing IdPs, using System for Cross-domain Identity Management (SCIM).
“Ensuring the security of critical infrastructure and industrial processes has become increasingly critical as organisations unite their IT and OT systems. This convergence has expanded the OT threat landscape and introduced significant cybersecurity challenges, as the once-isolated OT networks are now vulnerable to the same threats that have targeted IT networks for years” said Joe O’Donnell, vice president ICS/OT of Cyolo.
“With Cyolo 4.3, industrial entities can confidently navigate the complexities of the modern threat landscape and fortify their defences against evolving cyber threats,” he added.