Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
April 14, 2023
On March 8, Optiv’s Sean Tufts and Jessica Hetrick sat down with guest speaker, Forrester Principal Analyst Brian Wrozek to discuss the operational technology (OT) security challenges facing businesses today.
The three experts shared insights on notable trends in the OT industry, where organizations should start when building their OT security capabilities, the most shared challenges organizations have when advancing an OT security program and recommendations to overcome these challenges.
Here are the highlights from this event.
Several industries are just now starting to understand the need to develop a cybersecurity strategy which encompasses their OT assets. According to Brian's presentation, each year, Forrester conducts a security survey and asks, “Which of the following initiatives are likely to be your organization’s top tactical information/IT security priorities over the next 12 months?” From these results, 20% indicated that “develop[ing] or maintain[ing] a strategy for Industrial Control System (ICS) or Operational Technology (OT) environments” was at the top of their list.
As more companies focus on their OT environment, it’s important that the investment follows. Based on further survey questions, 63% of security decision-makers planned to increase their budget spending for OT and ICS technologies from 2022 to 2023.
The next question, then, is where do you start? Starting with asset discovery will help inform your next steps. What do you have on your network? Many organizations are very aware of their big OT systems, but don’t realize that the elevator, HVAC system, and other assets are now directly connected to the internet.
Two foundational tools for OT security include segmentation and antivirus. Segmentation helps prevent lateral movement, while antivirus helps root out any malware that makes it through the firewall.
Most importantly, you can’t protect what you don’t know about. Focus on:
The most successful companies have collaboration at the center of their security programs. Starting an open dialogue between security leaders and leaders who are responsible for ensuring OT uptime provides a greater chance of building an OT security program that works.
Many organizations are facing intricate supply chains and limited visibility, which create complex OT environments. It pays to be thoughtful about your vulnerability management program and how it ties into your patch management program. An up-to-date asset inventory and tools that improve visibility will mitigate some of these challenges.
We see a lot of OT running on legacy systems that may not be compatible with modern security controls. This was less of a problem when air gaps were fully intact, but now this equipment is often connected to the internet. Intrusion detection systems and antivirus can help.
Defending critical infrastructure is another top priority. Historically, regulations have been a powerful force when it comes to raising attention and driving investment in security. The challenge, however, is when competing agencies are all attempting to make up their own rules. Ensuring your critical infrastructure is resilient is not going to happen overnight. It is a long, multiyear effort to put the necessary security in place - so the sooner you start, the better.
This LinkedIn Live event featuring Forrester guest speaker Brian Wrozek and Optiv’s Sean Tufts and Jessica Hetrick provided valuable insights into operational technology security. To hear more trends and commentary from the three experts, watch the event on demand.
Optiv Security: Secure greatness.®
Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
Let us know what you need, and we will have an Optiv professional contact you shortly.