Securing OT Systems for Critical Infrastructure
Published on : Wednesday 01-02-2023
How PAS Cyber Integrity® helps identify, detect and recover from industrial cyber threats.
To mitigate risk, address compliance requirements, and improve process safety, companies must move from today’s IT-centric solutions to an OT/ICS-centric cybersecurity approach. Traditional IT endpoint cybersecurity tools address only 20% of OT/ICS-centric cyber assets, leaving proprietary, heterogeneous industrial control systems hidden and vulnerable. Unlike IT-centric tools, PAS Cyber Integrity protects all control systems (Level 3 - Level 0) against cyber threats.
Challenge
Securing Operational Technology (OT) systems for critical infrastructure requires identifying and tracking a complete inventory of all OT and IT endpoints. Only with a comprehensive inventory that includes configuration data can companies protect against unauthorised change, achieve compliance, mitigate risk and ultimately secure OT assets and improve process safety.
Centralised monitoring and management of proprietary, multi-vendor OT systems in a facility is a complicated process. Control system inventory and configurations are typically gathered manually, a time-intensive process requiring expensive engineering resources. In addition, using IT-centric network monitoring tools to identify and manage OT system inventory is insufficient. Traditional IT-based security tools have limited visibility to Level 1 and Level 0 devices, and most importantly, do not collect the deep proprietary configuration data required to manage configuration changes.
Lack of a comprehensive, evergreen inventory exposes OT systems to cyber attacks and makes it difficult to detect unauthorised change, identify vulnerabilities and risks or maintain compliance with regulatory and corporate standards.
Solution
PAS Cyber Integrity delivers comprehensive inventory, vulnerability, configuration, compliance, backup and recovery and risk management for OT assets:
i. Discovers and automatically maintains a complete inventory of OT assets
(Level 3.5 – Level 0)
ii. Provides continuous vulnerability management with patch level assessments
iii. Tracks configuration changes against established baselines
iv. Identifies OT and IT endpoint cybersecurity risks
v. Enables workflows and documentation for vulnerability remediation and compliance with NIST, ISA/IEC 62443, NERC CIP, ISO 27001/2, the NIS Directive and other regulations
vi. Accelerates recovery with backups of critical control system data and supports in-depth forensic analysis, and
vii. Integrates with Security Information and Event Management (SIEM), Intrusion Detection Systems/Intrusion Protection Systems (IDS/IPS) and IT Service Management (ITSM) tools.
Cyber Integrity supports multi-vendor, multi-generational OT assets, providing enterprise scalability, performance and platform independence.
Cyber Integrity Capabilities
Inventory Management: Maintains a complete inventory of OT and IT system hardware and software, including configuration data, control strategies, I/O cards, firmware, applications and any custom data.
Vulnerability Management: Automates vulnerability assessment for OT and IT assets. Assesses applicability and impact of Microsoft® patches and automation system vendor bulletins. Provides an enterprise-wide holistic image of vulnerability risk and enhances risk-based decision making. Maintains situational awareness of attack surface and vulnerability severity, aging and propagation paths as they relate to known weaknesses in your infrastructure.
Configuration Management: Monitors for unauthorised changes to control strategies, device inventory, asset configuration and logical and graphical files. Automates remediation actions via workflows based on asset value and risk, guiding operations, compliance and cybersecurity responses. Establishes configuration baselines for ICS cybersecurity, compliance, governance and operations change monitoring.
Compliance Management: Audits and delivers reports to meet internal and regulatory compliance requirements. Provides relevant and actionable information to the right people at the right time – including inventory, alerts, user authentication events, configuration details and change history.
Workflows: Facilitates remediation, mitigation, policy and regulatory compliance activities and enables action documentation and reporting.
Backup and Recovery: Enables rapid restoration of control system operations in the event of a worst-case scenario. Supports in-depth forensic analysis. Captures full configuration backups to speed recovery.
Risk Analyses: Identifies cybersecurity risks to both OT and IT endpoints, continuously measures multi-vendor system security posture and visualises risk propagation.
Asset Models
Support for more than 120 control systems enables Cyber Integrity to deliver value to industrial companies who must maintain and secure multi-vendor, multi-generational OT systems. Cyber Integrity is a highly scalable, enterprise-class solution deployed at hundreds of sites globally.
Cyber Integrity is part of PAS OT Integrity™, a powerful and scalable OT/ICS risk and endpoint management platform that provides OT operators and cybersecurity personnel with the critical data and insight needed to make their industrial operations safer and more resilient.
To learn more about Cyber Integrity or PAS OT Integrity, please visit pas.com.
Hexagon is a global leader in digital reality solutions, combining sensor, software and autonomous technologies. We are putting data to work to boost efficiency, productivity, quality and safety across industrial, manufacturing, infrastructure, public sector, and mobility applications.
Hexagon’s Asset Lifecycle Intelligence division helps clients design, construct, and operate more profitable, safe, and sustainable industrial facilities. We empower customers to unlock data, accelerate industrial project modernisation and digital maturity, increase productivity, and move the sustainability needle.
Our technologies help produce actionable insights that enable better decision-making and intelligence across the asset lifecycle of industrial projects, leading to improvements in safety, quality, efficiency, and productivity, which contribute to Economic and Environmental Sustainability.
Hexagon has approximately 21,000 employees in 50 countries and net sales of approximately 3.8bn EUR. Learn more at hexagon.com
