OT security evolution: key takeaways from field experience
Fujitsu / November 7, 2024
Manufacturing organizations are rapidly transforming with interconnected systems leveraging advanced technologies. Traditionally, cyber security focused on Information Technology (IT), leaving Operational Technology (OT) - responsible for industrial control - unprotected. As factories and manufacturing become interconnected, OT systems are now part of integrated networks. While this integration fosters efficiency, it also exposes critical infrastructure to significant cyber risks.
Relying on existing OT security solutions
According to the Gartner OT Security Maturity Model, many sectors like utilities, healthcare, and manufacturing are still in the initial phases of their security journey, relying on basic measures like VLANs (Virtual Local Area Network). These are no longer sufficient and OT asset owners are concerned about emerging cyber threats and advanced technologies. However, many companies indicate they won’t be replacing their existing solutions anytime soon, primarily due to budget constraints from the board.
Source: Gartner Model – extract from Market Guide for Operational Technology Security – 13 January 2021
Why OT security matters?
OT security isn't just about protecting data - it safeguards critical physical operations that underpin society. For instance, a cyber attack on a water utility could lead to contamination, putting countless lives at risk. In healthcare, disrupted medical supplies could severely impact patient care. High-profile incidents like the Colonial Pipeline ransomware attack and the SolarWinds breach have revealed vulnerabilities in the supply chain, highlighting the importance of protecting OT systems. Therefore, we strongly advise to conduct regular audits of your organization’s suppliers.
Beyond regulations and compliance for a secure future
Governments and regulatory bodies, like NIS2 in Europe, are implementing guidelines to protect OT environments, with OT-specific solutions like intrusion detection systems (IDS), intrusion prevention systems (IPS), network segmentation, and anomaly detection technologies playing a crucial role. Compliance helps maintain operational integrity and safeguard public and stakeholder interests, but proactive incident response strategies are also essential. A fundamental shift in mindset is crucial. Training employees and collaborating with security providers can help organizations prioritize OT security and make risk-based decisions.
How Fujitsu Uvance can help?
Fujitsu Uvance offers a wide range of cyber security services, including OT security solutions, to strengthen an organization's OT security posture. Fujitsu seasoned consultants can help organizations implement the best practices aligned with NIST 800-82, ISA/IEC62443 etc. and recommend the right tools for organization's specific needs.
OT Security Assessment: Fujitsu OT Security Assessments provide visibility of the current security posture of the site or plant, a thorough security risk analysis, recommendations, and a detailed roadmap to improve cyber security levels. The service also provides a list of OT assets for upload to a Configuration Management Database (CMDB), e.g., from ServiceNow.
OT Security Transformation: Fujitsu OT Security Transformation services can be the foundation of an organization’s defence against cyber threats targeting their critical OT infrastructure. These services can help organizations implement strong security measures like perimeter security, network segmentation, secure remote access, strong identity and access management controls and cyber policy & process establishment.
OT Managed Monitoring: Fujitsu OT Managed Monitoring service detects and notifies the customer of relevant OT security events that occur at their production sites (24x7) and provides expert support to contextualize events. The service, delivered from Fujitsu’s Global Security Operations Centres located across the globe, provides regular reports that include actionable insights on what is being seen on the network.
The Fujitsu approach: secure digital transformation
As industries digitize, securing OT systems is more than protecting your operations. It is essential for long-term sustainability. Fujitsu helps businesses navigate these challenges, ensuring they can confidently transform for the future.
Assess the cyber security in your production environment within a few minutes by filling out a few questions from our quick self-assessment below. Or explore Fujitsu's OT security solutions at www.fujitsu.com/global/ot-security.