OT security evolution: key takeaways from field experience

Fujitsu / November 7, 2024

Manufacturing organizations are rapidly transforming with interconnected systems leveraging advanced technologies. Traditionally, cyber security focused on Information Technology (IT), leaving Operational Technology (OT) - responsible for industrial control - unprotected. As factories and manufacturing become interconnected, OT systems are now part of integrated networks. While this integration fosters efficiency, it also exposes critical infrastructure to significant cyber risks.

Relying on existing OT security solutions

According to the Gartner OT Security Maturity Model, many sectors like utilities, healthcare, and manufacturing are still in the initial phases of their security journey, relying on basic measures like VLANs (Virtual Local Area Network). These are no longer sufficient and OT asset owners are concerned about emerging cyber threats and advanced technologies. However, many companies indicate they won’t be replacing their existing solutions anytime soon, primarily due to budget constraints from the board.

Source: Gartner Model – extract from Market Guide for Operational Technology Security – 13 January 2021

Why OT security matters?

OT security isn't just about protecting data - it safeguards critical physical operations that underpin society. For instance, a cyber attack on a water utility could lead to contamination, putting countless lives at risk. In healthcare, disrupted medical supplies could severely impact patient care. High-profile incidents like the Colonial Pipeline ransomware attack and the SolarWinds breach have revealed vulnerabilities in the supply chain, highlighting the importance of protecting OT systems. Therefore, we strongly advise to conduct regular audits of your organization’s suppliers.

Beyond regulations and compliance for a secure future

Governments and regulatory bodies, like NIS2 in Europe, are implementing guidelines to protect OT environments, with OT-specific solutions like intrusion detection systems (IDS), intrusion prevention systems (IPS), network segmentation, and anomaly detection technologies playing a crucial role. Compliance helps maintain operational integrity and safeguard public and stakeholder interests, but proactive incident response strategies are also essential. A fundamental shift in mindset is crucial. Training employees and collaborating with security providers can help organizations prioritize OT security and make risk-based decisions.

How Fujitsu Uvance can help?

Fujitsu Uvance offers a wide range of cyber security services, including OT security solutions, to strengthen an organization's OT security posture. Fujitsu seasoned consultants can help organizations implement the best practices aligned with NIST 800-82, ISA/IEC62443 etc. and recommend the right tools for organization's specific needs.

OT Security Assessment: Fujitsu OT Security Assessments provide visibility of the current security posture of the site or plant, a thorough security risk analysis, recommendations, and a detailed roadmap to improve cyber security levels. The service also provides a list of OT assets for upload to a Configuration Management Database (CMDB), e.g., from ServiceNow.

OT Security Transformation: Fujitsu OT Security Transformation services can be the foundation of an organization’s defence against cyber threats targeting their critical OT infrastructure. These services can help organizations implement strong security measures like perimeter security, network segmentation, secure remote access, strong identity and access management controls and cyber policy & process establishment.

OT Managed Monitoring: Fujitsu OT Managed Monitoring service detects and notifies the customer of relevant OT security events that occur at their production sites (24x7) and provides expert support to contextualize events. The service, delivered from Fujitsu’s Global Security Operations Centres located across the globe, provides regular reports that include actionable insights on what is being seen on the network.

The Fujitsu approach: secure digital transformation

As industries digitize, securing OT systems is more than protecting your operations. It is essential for long-term sustainability. Fujitsu helps businesses navigate these challenges, ensuring they can confidently transform for the future.

Assess the cyber security in your production environment within a few minutes by filling out a few questions from our quick self-assessment below. Or explore Fujitsu's OT security solutions at www.fujitsu.com/global/ot-security.

Ali Najam
Global Lead OT Security Consulting
Ali is a seasoned cyber security consultant and architect with technical and business acumen. More than 13 years of global customers experience in cyber consulting and designing cyber secure network architectures.

Editor's Picks

AI-driven transformation: A synergistic path to sustainability and profitability
Drawing on Fujitsu’s research and extensive experience with customers worldwide, this blog discusse…
Fujitsu / November 20, 2024
Understanding Zero-Knowledge Proofs and their impact on privacy: A simple guide
Zero-knowledge proof (ZKP) technology is rapidly evolving, and its impact is being felt across vari…
Fujitsu / November 12, 2024
Unlocking Net-Zero: The role of emerging technology
Increasing levels of environmental awareness has led both governments and organizations to commit t…
Fujitsu / November 12, 2024