Industrial cybersecurity is a critical requirement in a digitally connected world. It is primarily about the convergence of the safety goals of the OT (operational technology) environment and the security goals of the IT environment. At the recent ARC Industry Forum in Orlando, ARC’s cybersecurity lead Sid Snitkin and Scott Christensen, Cyber Practice Director at GrayMatter Systems, had an in-depth discussion on industrial cybersecurity. You can watch the video here or on YouTube.
GrayMatter’s Approach to Industrial Cybersecurity
Sid’s opening question was: “Industrial cybersecurity spans a very broad set of technologies and services. Where do GrayMatter’s offerings fit in this complex environment?”
The company focuses on a couple of things, explained Scott. First, it focuses on how to provide defense-in-depth to its customers, i.e., multiple layers of defense. Next, it helps companies with technology decisions. “Because there's quite a bit of white noise out there, and a lot of different products, a lot of different solution sets. And not everything's a great fit. So, a lot of times, we work with our customers to help them decide what's the best technology, and what's the best way to apply that technology.”
IT and OT Cybersecurity
IT cybersecurity is a priority across all industries, but industries like oil & gas and power also face OT cybersecurity challenges, opined Sid. How can GrayMatter help these companies improve their OT cybersecurity?
Scott responded that they have witnessed an interesting dynamic. There's usually a heavy investment on the IT side, and that is where most of the cost center is located. But there doesn’t seem to be much focus on protecting the actual revenue-generating assets. Now, people are realizing that, and “there's been a transition to increase cybersecurity maturity on the OT side of the house.”
Major Threats to OT Cybersecurity
Discussing the major threats to companies today in the OT world, Scott said that ransomware is no longer an OT problem or an IT problem; it's just across the board. “And the other thing we're starting to see is a lot more focus on unintentional internal threat actors. People not following best practices, sharing passwords, etc.” These are increasingly being addressed in the industry.
Aligning People, Processes, and Technologies
“I think a lot of times we jump to the technology, looking for the mousetrap that fixes all the problems. And I think a lot of times we skip over the people and the process,” said Scott. “We need to consider if we are following good practices, and if the people are aware of why cybersecurity is required. People don’t realize that what’s convenient (like sticky notes or dual NIC cards) can be a vulnerable point. So, we must start moving away from what's convenient to what's secure, and enabling that to happen.”
Customers are also confused about which standards to apply and how to engage in a maturity model that allows them to grow the cybersecurity program. This is where GrayMatter can guide them.
Cybersecurity Enables Digital Transformation
Scott explained that when it comes to digital transformation, cybersecurity is often considered a disabler. But this notion is wrong. “Digital transformation and enablement need to go together.” Clients are so used to security telling them that certain procedures can’t be done. It’s not as if the security person doesn’t want to enable things, but he doesn’t know the way to do it. That’s where GrayMatter steps in and shows the customer a practical way to do a lot of it (remote access, segmentation, etc.). The company shows and guides them towards ways to do things differently and better. And once that’s done, cybersecurity is no longer viewed as a roadblock and “becomes much more collaborative with digital transformation.”