How to ensure complete OT security: An Interview with Iain Rennie
The threat to OT systems is on the increase, with malicious software attacks arriving at a rate of 250,000 threats per day. Over 90% of organisations that use operational technology experienced some form of cyber attack in 2021. As a result, there is increasing demand to protect OT security systems across industries.
The term OT systems covers the collection of networks, control systems, SCADA systems and associated equipment. Great importance is placed on implementing an effective cybersecurity management system (CSMS) that protects the entire ICS.
AGSL’s Operations Director Iain Rennie discusses the most important OT security issues faced across many industries today. Iain touches on tried and tested solutions that have helped customers tackle this ever-increasing threat to Industrial Automation.
What steps can I take to ensure OT security?
Can you explain your role within Asset Guardian Solutions Limited?
I’m the Operations Director of Asset Guardian and oversee all aspects of the business, although my background is within the technical side.
How did Asset Guardian come to be the global software solution it is today?
Asset Guardian has grown and developed over the last 20 years. It provides customers with a solution to manage the safety of their industrial control systems. Asset Guardian successfully serves customers across industries like oil and gas, chemical processing, and renewables.
Throughout this time, we have built up our global customer base through providing a great product and a great service. Much of our new business comes from customer recommendations such as customers’ own engineers who have used it in previous roles.
What is Asset Guardian’s Unique Selling Point?
Control systems engineers developed Asset Guardian to fit exactly the needs in the automation industry. It is not an IT product trying to fit into the industrial world, but a product designed, developed and supported by control systems engineers.
What are the core features of Asset Guardian?
Asset Guardian’s core features include software repository and version control, change management, fault logging, hardware inventory management and password management. It also includes associated information management of documents and correspondence records.
Having all this configuration information in one integrated solution then allows us to add advanced functionality around obsolescence management and cyber security management. It is an integrated solution and all the data is inter-related between the various sections.
One of Asset Guardian’s specialties is Cyber Security Management. This is a hot topic in Industrial Automation today. Why is this?
Cyber Security Management/OT security has been a top priority in the IT world for many years. However, in the industrial control networks side (the Operational Technology or OT), cyber security has not had the same exposure.
Many times, the company’s IT department does not extend to the Operational Technology Security network, which the control engineers manage. Their main driver is safety and availability rather than security.
Recently though, there have been some high-profile threats exposed specifically targeted at OT security systems. As OT systems become more sophisticated, they become susceptible to threats. Governments and regulators have identified this and are now putting pressure on operators to manage their cyber security threats properly.
They also have to prove they are doing it.
What are the main Cyber Security Management issues faced across Industries today?
The key thing about cyber threats in OT networks is that the priorities are different from Information Technology. OT systems must prioritise safety and availability over confidentiality, where in IT, it is the opposite.
Also, the endpoint protection available for IT systems is not suitable for deployment on an OT network.
How can Asset Guardian help operators looking for an OT cybersecurity solution?
The first step in effectively managing your cyber security risks is to have a Cyber Security Management System (CSMS). This needs to contain your cyber inventory including all devices, network zones and connections (conduits), operating systems, firmware versions and installed applications.
Asset Guardian’s core features allow it to act as your CSMS, holding all this information and cross-linking to installed software versions. The Asset Guardian Cyber Security Module then allows all this cyber inventory information to be cross-referenced against known vulnerabilities, with automatic notifications and reports showing specific risks.
Customers can then plan and deploy mitigations including patch management within Asset Guardian’s core features. This includes change management, secure password management, software version control and repository, allowing effective disaster recovery in case of attack and infection.
Can you give an example of how a client utilised the Asset Guardian Cyber Security Manager to solve their problems? What solutions were they provided with?
We have a number of existing clients who were using Asset Guardian for a number of years and then extended its use as a CSMS. This was extremely cost-effective since much of the data was already in the system and the infrastructure for Asset Guardian was already in place.
Other customers have taken Asset Guardian on specifically to act as their cyber risk management framework, but embraced all of Asset Guardian core features, seeing the great benefits in having an integrated solution.
Recently a number of our customers are rolling Asset Guardian out as a global solution for their CSMS, where they are managing a large number of Assets across the world.
When customers identify vulnerabilities, they can then assess the risk globally and mitigate using the same strategy globally. This gives economy of scale and prevents each region duplicating work and coming up with divergent, less-effective strategies.
What do you see as the biggest challenges in rolling out an effective Cyber Security Management System?
The biggest challenge we see is populating the data in the inventory and then maintaining that data. Asset Guardian has many options for bulk importing and bulk updating data, and we also develop interfaces to other systems. This includes network scanning and discovery tools, in order to keep that data current.
Asset Guardian performs effectively in conjunction with front line network monitoring tools (such as Claroty or Radiflow). These passively scan and protect your OT network, identify live threats, and scan for new devices.
Asset Guardian then stores the inventory data and acts as the second line CSMS. It provides asset inventory management, vulnerability tracking and notification, patch management, change management and software version control.
Do you have any advice for decision makers dealing with Cyber Security Management?
Don’t look at cyber security management as an isolated, costly exercise required to keep regulators happy. Look at it as an opportunity for a step-change improvement in all aspects of your control systems management.
Using an integrated solution for your CSMS allows you to leverage benefits around configuration change management, software version control, obsolescence management and disaster recovery, which will deliver real risk reduction and measurably improved operations.