1 Introduction / Executive Summary

Operational Technology (OT) encompasses the hardware and software systems that control, automate, and monitor equipment and physical processes in industrial settings such as manufacturing, warehouse and logistics management, power generation and distribution, transportation, and healthcare. These systems include Supervisory Control And Data Acquisition (SCADA) systems, Programmable Logic Controllers (PLCs), Human-to-Machine Interfaces (HMIs) and other devices and software that are designed to monitor and control the operation of machines, processes, and other specialized equipment in real-time. Operational Technology (OT) includes Industrial Controls Systems (ICS), Critical Infrastructure Systems (CIS), and Industrial Internet of Things (IIoT).

Critical Infrastructure Systems include energy, communications, defense industrial base, critical manufacturing, food and agriculture, government, healthcare, and transportation sectors. Some organizations in CIS are public utilities. Organizations that use Industrial Controls Systems (ICS) are generally considered to be a superset of the sectors in CIS, many of which operate as private enterprises. Industrial IoT (IIoT) refers to commoditized, IP communications-enabled devices (often sensors) which are increasingly used within ICS and CIS.

OT environments can have very high availability and security requirements, which, in many cases, necessitate the deployment of specially designed cybersecurity and identity management solutions.

The need to secure OT has increased in prominence for multiple reasons. Regulation to protect the public is being legislated by governments in many jurisdictions worldwide. Governments have intervened in cases of compromise of OT infrastructure, particularly where CIS has been involved. Companies and utilities are investing in IIoT technology to take advantage of expanding functionality and are decreasing costs to improve efficiency. Lastly, some high-profile attacks on ICS and CIS have brought awareness of cybersecurity risks to both the general public and to the boardroom.

Successful cyber-attacks against ICS infrastructure can cause significant downtime, lost productivity, reputation damage, and even threaten for-profit companies’ viability. Successful cyber-attacks against CIS can cause power outages, failures of public utilities, and even jeopardize lives. Organizations that operate OT environments must invest to avoid the downtime and damage that results from cyber-attacks

Companies and utilities that have OT systems typically have extreme uptime requirements and very short and infrequent system maintenance windows. This can exacerbate the problems of upgrading security products and even keeping critical systems up-to-date with security patches.

Securing access to OT assets is a paramount concern. Some attacks against ICS and CIS operators have used improperly secured Virtual Private Networks (VPNs) and other remote access tools as vectors. The Zero Trust Network Access (ZTNA) model is a leading cybersecurity paradigm that is founded upon the principle of least privilege. ZTNA can help reduce the risk of unauthorized access to OT environments.

Organizations that have OT should regularly review their security architectures and make investments to close cybersecurity gaps where discovered.

This whitepaper will review the cybersecurity threat landscape for OT, describe the high-level security architecture and some of the tool types needed for OT, consider some of the key requirements of the German KRITIS regulation, and provide an overview of the Cyolo Zero Trust Access solution.