Protecting industrial operations from cyberthreats ought to at all times be prime of thoughts. However, with operations networks being typically very complicated and cyber threats rising more and more extra refined, it may be tough to know the place to start out. Kam Chumley-Soltani not too long ago held a webinar outlining greatest practices to guard your industrial setting from cyber threats. Kam is a Technical Solutions Architect in Cisco’s industrial IoT group, working with prospects daily to assist them drive their OT safety initiatives. Sign as much as watch the replay: Protecting industrial networks from cyber threats: Where do I begin?
In the webinar, Kam recommends a stepped method in the direction of a mature ICS/OT safety technique, implementing the next greatest practices:
1. See every part in your industrial community
You can’t safe what you don’t find out about. You want full visibility into your industrial community and OT safety posture, so you could have the data it’s essential to scale back the assault floor, section the economic community, and implement cybersecurity insurance policies. Cisco Cyber Vision provides you real-time, detailed visibility into your industrial property, their communication patterns, and software flows. It embeds visibility capabilities into industrial community tools, so there’s no want for devoted safety home equipment or to construct out-of-band SPAN assortment networks.
2. Segment the community into smaller belief zones
Network segmentation is essential to securing your community and defending important industrial processes. It’s additionally a requirement of the ISA/IEC62443 safety requirements. Using devoted safety home equipment for zone segmentation requires you to deploy extra {hardware}, create and preserve firewall guidelines, and even change community wiring and IP addresses. You can keep away from this further value and complexity by extending software-based community segmentation insurance policies to industrial management networks. Cisco Identity Services Engine (ISE) works with community switches, routers, and wi-fi entry factors to limit communications as per the outlined zones. And it makes use of teams outlined in Cyber Vision to permit/deny communications for every asset and drives collaboration between IT and OT groups.
Join us for a webinar on October 31 for extra particulars on methods to adjust to the ISA/IEC62443 safety requirements.
3. Secure distant entry to OT property
Remote entry is essential for operations groups, distributors, and contractors to configure, preserve, and troubleshoot OT property with out time-consuming and dear visits. However, many present distant entry options create safety backdoors or include many tradeoffs Cisco Secure Equipment Access (SEA) is fixing the challenges of deploying safe distant entry to operational property at scale and brings all the advantages of a zero belief community entry (ZTNA) answer to industrial operations. There isn’t any devoted {hardware} to put in and handle and no complicated firewall guidelines to configure and preserve.
If you need to be taught extra, be part of us for a session on ZTNA on October 25 for IIoT World Cybersecurity Day.
For extra particulars on methods to get began along with your industrial safety journey, watch Kam’s webinar replay or come to the SecurityWeek ICS Cybersecurity Conference in Atlanta subsequent week, the place Anastasia Mills and Kam Chumley-Soltani will likely be presenting a breakout session on Wednesday, October 25 at 10:25 am PST.
This is the most important and longest-running occasion collection centered on industrial cybersecurity. The convention attracts ICS stakeholders throughout a bunch of industries and quite a lot of OT, IT, authorities, distributors, and extra. Make certain you cease by the Cisco Booth #18 to debate additional and meet the group.
Share: