In this latest of our series of interviews with industrial cybersecurity leaders for the ARC Industry Forum 2021, we talk to Del Rodillas (GICSP) of Palo Alto Networks. Del leads a global team of security experts focused on thought leadership and security solution architectures for IT-OT industries.
In this interview, I ask Del about some of the major hurdles that end-users in the industrial sector must overcome to improve their cybersecurity posture, how digital transformation, edge systems, and IoT are changing the game for industrial cybersecurity, and justification of investment in cybersecurity solutions. This interview also gives you a great introduction to Palo Alto's capabilities and philosophy of industrial cybersecurity from one of its best spokespeople. Even though the forum is over, you can still register for the ARC Forum to see Del and some of Palo Alto Networks' customers as speakers and panelists in our dedicated cybersecurity track.
Spanning IT and OT: “Firewall As A Platform”
Here are some excerpts from Del’s opening remarks that more clearly outline the strategy and vision of Palo Alto Networks:
We like to think that we're the largest pure-play cybersecurity company in the world. We focus on providing this completeness of security via a platform and in our case, it's something that can span IT and OT. It really addresses the needs of OT and ICS today, as well as the needs for the future. It’s a platform that's composed of three main aspects. There's the network element, and increasingly going forward as digital transformation happens for industrial organizations, the cloud is a key component of our platform, as well as the security operations component, so these three pieces really provide the main components of our platform -- the three legs if you will.
From a network standpoint, we think of it as a “firewall as a platform” where you're able to implement in a very consistent way these zero-trust networking principles across your entire OT infrastructure, whether it's at the perimeter or at the plant floor or in the future OT, where IT uses the cloud, which uses SD-WAN, so you need to have this consistent approach to protecting the network, whether it's the OT of today or tomorrow.
As OT organizations move some of their workloads up into the cloud for applications like digital twins, historians, and predictive maintenance, that's another area that you need to consider, specifically the development environment or the DevOps environment. So, securing the cloud is another aspect of OT that we see actually coming very quickly as we engage with our end users.
The third component is the security operations center. As you mature, you're going to want to be able to have this ability to quickly detect threats and respond to them. In the future, where there's going to be a lot of industrial IoT devices, there's going to be a big role for the security orchestration and automation as well as the security that leverages machine learning.
Palo Alto Networks’ View of a Converged IT and OT Cybersecurity Architecture, From Their Recent White Paper