OT security evolution: key takeaways from field experience

Fujitsu / November 7, 2024

Manufacturing organizations are rapidly transforming with interconnected systems leveraging advanced technologies. Traditionally, cyber security focused on Information Technology (IT), leaving Operational Technology (OT) - responsible for industrial control - unprotected. As factories and manufacturing become interconnected, OT systems are now part of integrated networks. While this integration fosters efficiency, it also exposes critical infrastructure to significant cyber risks.

Relying on existing OT security solutions

According to the Gartner OT Security Maturity Model, many sectors like utilities, healthcare, and manufacturing are still in the initial phases of their security journey, relying on basic measures like VLANs (Virtual Local Area Network). These are no longer sufficient and OT asset owners are concerned about emerging cyber threats and advanced technologies. However, many companies indicate they won’t be replacing their existing solutions anytime soon, primarily due to budget constraints from the board.

Source: Gartner Model – extract from Market Guide for Operational Technology Security – 13 January 2021

Why OT security matters?

OT security isn't just about protecting data - it safeguards critical physical operations that underpin society. For instance, a cyber attack on a water utility could lead to contamination, putting countless lives at risk. In healthcare, disrupted medical supplies could severely impact patient care. High-profile incidents like the Colonial Pipeline ransomware attack and the SolarWinds breach have revealed vulnerabilities in the supply chain, highlighting the importance of protecting OT systems. Therefore, we strongly advise to conduct regular audits of your organization’s suppliers.

Beyond regulations and compliance for a secure future

Governments and regulatory bodies, like NIS2 in Europe, are implementing guidelines to protect OT environments, with OT-specific solutions like intrusion detection systems (IDS), intrusion prevention systems (IPS), network segmentation, and anomaly detection technologies playing a crucial role. Compliance helps maintain operational integrity and safeguard public and stakeholder interests, but proactive incident response strategies are also essential. A fundamental shift in mindset is crucial. Training employees and collaborating with security providers can help organizations prioritize OT security and make risk-based decisions.

How Fujitsu Uvance can help?

Fujitsu Uvance offers a wide range of cyber security services, including OT security solutions, to strengthen an organization's OT security posture. Fujitsu seasoned consultants can help organizations implement the best practices aligned with NIST 800-82, ISA/IEC62443 etc. and recommend the right tools for organization's specific needs.

OT Security Assessment: Fujitsu OT Security Assessments provide visibility of the current security posture of the site or plant, a thorough security risk analysis, recommendations, and a detailed roadmap to improve cyber security levels. The service also provides a list of OT assets for upload to a Configuration Management Database (CMDB), e.g., from ServiceNow.

OT Security Transformation: Fujitsu OT Security Transformation services can be the foundation of an organization’s defence against cyber threats targeting their critical OT infrastructure. These services can help organizations implement strong security measures like perimeter security, network segmentation, secure remote access, strong identity and access management controls and cyber policy & process establishment.

OT Managed Monitoring: Fujitsu OT Managed Monitoring service detects and notifies the customer of relevant OT security events that occur at their production sites (24x7) and provides expert support to contextualize events. The service, delivered from Fujitsu’s Global Security Operations Centres located across the globe, provides regular reports that include actionable insights on what is being seen on the network.

The Fujitsu approach: secure digital transformation

As industries digitize, securing OT systems is more than protecting your operations. It is essential for long-term sustainability. Fujitsu helps businesses navigate these challenges, ensuring they can confidently transform for the future.

Assess the cyber security in your production environment within a few minutes by filling out a few questions from our quick self-assessment below. Or explore Fujitsu's OT security solutions at www.fujitsu.com/global/ot-security.

Ali Najam
Global Lead OT Security Consulting
Ali is a seasoned cyber security consultant and architect with technical and business acumen. More than 13 years of global customers experience in cyber consulting and designing cyber secure network architectures.

Editor's Picks

OT security evolution: key takeaways from field experience
From isolation to integration, OT security is now vital for protecting critical infrastructure, pre…
Fujitsu / November 7, 2024
Refrigerators filled with food in a supermarket
Combating retail shrinkage: Innovative strategies for profit protection in the digital age
Explore innovative ways to combat retail shrinkage, from AI-powered surveillance to integrated inve…
Fujitsu / October 25, 2024
From compliance to competitiveness: Reframing the role of ESG in manufacturing
Discover how Fujitsu's Value loop framework is transforming ESG compliance into a competitive advan…
Fujitsu / October 9, 2024