In the second of his three-blog series, Admiral (Ret.) Michael S. Rogers, Chairman of Claroty’s Board of Advisors, addresses the importance of improving resiliency and redundancy while securing operational technology (OT) environments.
In my previous blog I talked about how important, yet challenging, it is to protect critical infrastructure in this “new normal.” We have pivoted quickly from a very fixed, traditional kind of infrastructure to a very virtual, distributed one to support remote workers and enable social distancing. In this new structure, you get more risk and, in many ways, less resiliency and redundancy because we did this on the fly.
Now is the time to step back to determine what you can do to enable this temporary environment to withstand degradation and loss. You are through the initial phase. You have put the infrastructure in place, along with processes, meetings, and schedules, to navigate to a dispersed norm. The next phase is to drill down to understand what your critical technology infrastructure and critical human infrastructure look like now, so you can take action to improve resiliency and redundancy.
Prior to the global health crisis, most companies worked from fixed geographic locations using long-standing infrastructure, architecture, and teams structured for that world. But now your IT and OT teams have had to create a temporary infrastructure and architecture on the fly, and they are not at work physically. They aren’t sitting around desks together waiting for phone calls and monitoring systems built for security. They are taking on additional responsibilities like employee training and implementing and scaling new systems, while trying to figure out how to make everything work to keep the business up and running and operating safely, all from their home offices.
How are you going to make sure your temporary architecture and dispersed teams can deal with penetrations, loss of connectivity and other outages?
Start by strengthening the security of your OT network. You don’t have three or six months to figure out a plan to secure your OT network with the technologies and processes you use on your IT networks. Time and resources are particularly constrained now, and that isn’t the right approach even under the best of circumstances. Because OT network traffic provides all the security information you need to monitor for threats, a solution like Claroty’s Continuous Threat Detection (CTD) can give you the asset visibility and continuous threat monitoring you need.
Also, make sure employees and third-party vendors have Secure Remote Access (SRA) so they can still do their jobs effectively. Any employee or third-party contractor who previously worked on site but is now working outside the facility needs online access so they can continue to ensure uninterrupted operations. Monitoring and making changes to production lines and manufacturing processes can become even more mission-critical during times of disruption, depending on the industry and products and services provided.
If an incident happens and you need to respond, another important aspect of resiliency is your crisis response plan. Go back to the basics and make sure your plan translates to today. What are the critical processes to respond to an intrusion in this new world, and is the plan still relevant? I bet it doesn’t assume your workforce, security professionals and executive team are dispersed. Something as simple as updating your phone tree with everyone’s cell phones will save valuable time if an intrusion is detected and needs to be communicated.
It’s more important than ever that companies continue to operate without interruptions and impediments to minimize risk. By understanding what’s critical in this new normal infrastructure, you can focus on building in levels of resiliency and redundancy at a time when we can’t afford further disruption or loss.
Admiral (Ret.) Michael S. Rogers retired in 2018 from the U.S. Navy after a distinguished 37-year career. In March 2014 he was appointed by President Barack Obama as the 17th Director of the National Security Agency and the 2nd Commander of U.S. Cyber Command. Prior to earning his fourth star he commanded the U.S. Tenth Fleet and U.S. Fleet Cyber Command. Admiral Rogers also served as the Director for Intelligence for both the Joint Chiefs of Staff and U.S. Pacific Command. A native of Chicago, he attended Auburn University, graduating in 1981 and receiving his commission via the Naval Reserve Officers Training Corps. Originally a surface warfare officer (SWO), he was selected for re-designation to cryptology (now Information Warfare) in 1986. Rogers is a distinguished graduate of the National War College and a graduate of highest distinction from the Naval War College.