HAMED DIAB,
REGIONAL
VP OF MENA,
FORESCOUT
?
editor’s question
he bringing
T
together of IT and
OT on business
networks is often
promoted as a key
part of the Digital
Transformation
process. Remote maintenance, faster
production cycles, shorter supply chains
and, above all, quicker progression
from prototype development through
to the end-product are just some of
the advantages. Couple this with the
introduction of 5G and production
processes will be faster and more
interconnected than ever before.
However, along with its numerous
benefits, connecting IT and OT
technology can also have its
drawbacks, especially when considering
cybersecurity and fail-safety. The result
of more connected devices is that there
is also a higher volume of access points
to the network and therefore more
potential attack vectors for bad actors.
There are numerous technologies that
detect dangers in OT networks but many
fail because they cannot keep up with
the ongoing push from OT engineers
to achieve the most uninterrupted
operation. In the worst-case scenario,
the supposed ‘defences’ can even
create further risks.
When IoT and OT devices gain access
to a flat network, they have the freedom
to move laterally if not properly
segmented, limiting full visibility and
creating blind spots which can be
later exposed. Network segmentation,
however, can be dynamic. For example,
by providing a Zero Trust approach
across all environments and to all
devices, with different policies for the
computer at the front desk and the
CEO’s laptop, the risk posed by attacks
is automatically limited.
CISOs are having a difficult time in
providing this security. Maintaining close
control of their networks and device
ecosystem continues to become more
difficult as IoT and OT devices increase.
In order to achieve effective security, the
full context of connected devices must
be available to regain both visibility and
control. From the data centre to cloud
and OT environments, devices can be
given appropriate access rather than
access to the entire network.
The result of more
connected devices
is that there is also
a higher volume of
access points to the
network and therefore
more potential attack
vectors for bad
actors.
www.intelligentciso.com | Issue 26
29