The Russian invasion of Ukraine is at the forefront of global attention, and thanks to the proliferation of modern communication devices, we’re able to see the catastrophic results of warfare in real time.
Every day, on our phones and desktops, we’re served vivid reminders of the destruction that arises from geopolitical conflict. The scenes of war are more visual and more accessible to us than ever before.
But at the same time, an unseen war is being waged beneath the surface—a cyber-war.
A recent report showed that, in the first three days following the Russian invasion, online attacks against the Ukrainian military and governmental sectors nearly tripled. And it’s not just the public sector that is being targeted. The same report also showed a small increase in attacks against both Ukrainian and Russian organizations, in general.
It may be mostly invisible to us, but the potential consequences of this digital battle are very real. While hackers (state-sponsored or otherwise) may target opposing forces’ information databases, they could also take down critical operational technology—or “OT”—such as electrical systems, water treatment facilities, and communications networks, causing immeasurable damage to the lives of ordinary civilians.
Essentially any Internet-connected OT asset is vulnerable to being compromised. This means that every organization or group—from government agencies to corporations to average citizens—could be affected by a cyber-attack.
It’s becoming more crucial than ever to ensure these assets are protected. With that in mind, let’s examine what can be done to create an effective OT security program.
The 3 Key Pillars of OT Security
The process of securing OT assets isn’t the same as the “traditional” processes used in IT security for devices like tablets and laptops.
This is because OT security requires a special focus on asset resilience instead of just protecting the integrity of information. Many OT assets are crucial to the ongoing operations of an organization or business, and they need to remain safe and functional at all times.
To achieve this effectively, an OT security program needs to combine three primary capabilities:
- Discovery: This is the ability to find a device’s location and key information within a readily available inventory. Many organizations simply don’t know where their connected OT assets are located, when they were last updated, or who is responsible for maintaining them. Having one comprehensive inventory that functions as a single source of truth for all assets can bring much-needed clarity and save valuable time if and when a cyber-threat occurs.
- Monitoring: In the heat of a crisis, a lack of knowledge can quickly turn into complete chaos. But knowing exactly which assets are at risk can help leaders prioritize and address these vulnerabilities. A monitoring tool—ideally one that is integrated with the inventory—enables teams to see precisely where threats are occurring so they can quickly and effectively respond.
- Remediation: Every organization with OT assets needs the ability to quickly dispatch people and resources to solve a security issue. If there’s no reliable system in place to remediate OT-related threats, then every crisis can become a time-consuming guessing game. A team with robust remediation capabilities knows exactly when, where, and how to address a threat—ideally using a work order system that automatically sets the process in motion.
This may seem like a lot to think about, but the good news is that all three of these OT security pillars are achievable within a single system. For example, a solution like an integrated workplace management system (IWMS) allows an organization to track all of their devices in a single inventory and enables easy work order creation and distribution. An IWMS can also be integrated with third-party monitoring tools, bringing the trifecta of OT security capabilities together in a single interface.
Preparing for the Future
While we can’t be sure what tomorrow will bring, one thing is certain: Protecting OT assets is, and will continue to be, of the utmost importance. These connected devices power our way of life, and their safety and functionality simply can’t be left to chance. Whether it’s state-supported cyber war operations or individual hackers just seeking a payday, the number and complexity of potential threats are growing all the time. By implementing the three main capabilities discussed above, organizations can fortify their OT defenses and reduce the chances of being significantly impacted by a cyber-attack.
