Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Skip to main content

The two sides of the operational technology security equation

One could argue that industrial cybersecurity is suffering from the operational equivalent of dissociative identity disorder.

The first persona is on-site operational personnel with an engineering background responsible for security maintenance or system hygiene. The second persona is at the corporate level, in the CISO team or a 3rd party managed security services provider (MSSP) and comprises security analyst teams with a digital security background usually backed by third-party security architects.

Persona 1 is proactive and hands-on, whereas persona 2 is inherently reactive.

Today’s risk-intensive operational technology (OT) security demands a secure atmosphere with zero downtime. In such a scenario, personas 1 and 2 must work together closely to prevent and mitigate risk across the digital environments by adopting a proactive approach.

In today’s volatile cybersecurity climate, the only way to truly mitigate damage is to prevent it. The question is: how can personas 1 and 2 work together effectively to achieve this goal?

The risk bowtie model

The risk bowtie model is an excellent way to visualize how proactive and reactive approaches can work together to eliminate threats that can impact production.

The left side shows proactive controls and is referred to as operational security (OpSec).
OpSec focuses on proactively mitigating gaps before they become breaches. OpSec incorporates controls that include governance and policy implementation, gap and exposure identification and network architecture, to name a few.

The right side of the diagram shows reactive controls and is referred to as security operations (or SecOps).
SecOps efforts revolve around the security operations center (SOC), which focuses on day-to-day missions like monitoring systems, logging, anomaly detection, threat hunting and incident response.

What side does OT security demand?

Today, most OT security solutions in the market focus on the reactive SecOps paradigm – the right side of the diagram. These solutions detect and respond to security incidents after they happen.

Similar to contemporaneous trends in digital security, the OT solution requires adding automation and orchestration capabilities and integrating them into risk-based management routines, while enabling tighter collaboration with off-site cybersecurity teams.

Here is what companies can do to ensure this happens:

Move beyond the reactive-only vulnerability and anomaly detection approach by embracing proactive risk avoidance solutions and services

Accelerate OT/IT convergence by utilizing multi-function platforms that understand, control and orchestrate the diverse OT/IT/IIoT systems in the organization

Make sure that your security stack can dynamically adapt to changing threat vectors and risks

These steps will allow personas 1 and 2 to coexist, and effectively meet their shared goal of cost effectively creating a secure and productive production floor.

About the author

Yair Attar

CTO Otorio

Yair Attar is the Co-Founder and CTO of OTORIO from the past 4 years. As such, he is being leading safe digitalization through industrial-tailored cyber risk management, by providing managed security services for industrial control systems. His experience spans over 15 years of leading successful campaigns to defend mission-critical systems, including a decade serving as a senior officer in the Israel Defense Force (IDF) cyber command. Yair holds a bachelor’s degree in Economics and Management from The College of Management Academic Studies

About OTORIO

OTORIO delivers next-generation OT security and digital risk management solutions. The company combines top nation-state cybersecurity experts with cutting-edge digital risk management technologies to provide the highest level of protection for the manufacturing industry. Visit OTORIO at www.otorio.com

Interested in next publications?

 

Register to our newsletter and receive a notification when there are new articles.

Thank you for your interest. You can download the report here.
A member of our team will be in touch with you shortly