ICS/OT Cybersecurity: 2023’s Challenges and Tomorrow’s Defenses

As the threats to industrial control systems evolve, our strategies and tactics as network defenders must keep apace. To aid in this effort, SANS has recently released the results of an ICS/OT cybersecurity survey, which polls security practitioners and decision makers from a wide range of industrial verticals, including energy, chemical, critical manufacturing, nuclear, water management and others. This survey provides us with valuable insights into the nature of the real-world threats that control systems operators face every day. It also yields a wealth of information about industry trends and ICS/OT security priorities, from the field. Read RMC’s main takeaways below. 

Download your copy today 

Most organizations still have immature ICS/OT security programs

When asked about planned future initiatives to improve ICS security, survey participants’ top responses indicated a focus on foundational components of any OT security program, such as increased asset visibility, intrusion detection systems, better physical security, and cybersecurity education and training.

There is increased interest in conducting risk assessments and penetration tests in ICS/OT environments

Survey participants are more commonly performing risk-based assessments, including penetration tests, to identify gaps in security controls within their ICS/OT environments.

The penetration tests tend to be conducted at the higher levels of the Purdue Model (3-5). The objective is to identify attack paths from the enterprise network to the ICS network, or vice versa. Penetration tests can provide important insights, but are most effective for more mature OT environments where previously identified vulnerabilities have already been addressed.

RMC is here to help

Although foundational investments are a necessary component of any ICS/OT security program, program design, sequencing, prioritization of investments, and proper coordination must be considered from the start to maximize risk reduction. We support you to:

  • Help you understand your program’s maturity and adherence to OT security best practices
  • Help you set realistic goals for your ICS/OT environments, and help you achieve them
  • Suggest and implement security solutions tailored to your business goals and regulatory requirements
  • Implement safe, complete, and effective security controls
  • Identify vulnerabilities actively placing your operations and infrastructure at risk

For large organizations, building a strong relationship between security leadership and sites is key to efficient project execution. Improving cybersecurity in ICS/OT environments requires a coordinated effort between enterprise IT (security) teams, site leadership, plant engineers, vendors, integrators, and more. RMC can help foster these relationships, aligning your program’s cybersecurity goals with your sites, achieving buy-in, and building a positive and proactive security culture. During our engagements, we follow these guiding principles:

  • Speak the sites’ language and build trust between the program and the sites 
  • Foster increased cybersecurity awareness with site personnel and leadership
  • Communicate the goals of our proven assessment methodology – we are there to help, not audit
  • Share insights to inform funding decisions for system upgrades and process redesigns

How can RMC help your organization? 

Contact us today: sales@rmcglobal.com

Be sure to follow RMC Global on LinkedIn, and bookmark our News & Perspectives website to stay apprised of industry insights and topical advice on establishing cyber resiliency in OT environments. 

OT Cyber Coalition Welcomes RMC Global as Newest Member

Washington, DC, June 8, 2023 – Today, the Operational Technology Cybersecurity Coalition (OT Cyber Coalition) announced that RMC Global will join the diverse group of leading cybersecurity vendors in support of the organization’s effort to enhance the resiliency of the nation’s critical infrastructure. RMC is the 16th company to join the OT Cyber Coalition since its launch in April 2022.

“The addition of RMC further bolsters our coalition’s ability to inform federal policies in the most comprehensive way possible to enhance our collective cyber posture for operational technology,” said Andrew Howell, Executive Director, OT Cyber Coalition. “We look forward to bringing their expertise to bear in our efforts to move the needle on solutions needed to make the United States the leader in hardening our critical infrastructure for current as well as future threats.”

RMC protects and prepares government and commercial partners with risk management, mission assurance, and industrial cybersecurity solutions which allow their customers to prevail in an evolving threat environment.

“RMC is proud to be a member of the OT Cyber Coalition and play a part in illuminating OT cyber risks and advocating for meaningful OT cybersecurity policies,” said Vince Kuchar, CEO of RMC Global. “As a leading provider of ICS/OT cybersecurity services to federal and commercial customers, we believe that constructive dialog between industry and government will help produce meaningful change toward our vision of assuring tomorrow for critical infrastructure, our military missions, and the communities they serve. We look forward to collaborating with industry and government partners to advance this important domain of cybersecurity.”

More information about the OT Cyber Coalition is available on the coalition’s website, otcybercoalition.org.

About RMC Global

RMC provides a full lifecycle of Mission Assurance and risk management solutions, with deep expertise in critical infrastructure protection and industrial cybersecurity, to protect our country’s most important and vital assets. Operating worldwide, RMC provides federal government and commercial organizations the analysis, assessments, strategy and remediation required to protect personnel, facilities, networks, and critical infrastructure. Founded in 2011, RMC has offices in Destin, Florida, and Arlington, Virginia. www.RMCGlobal.com

About the OT Cyber Coalition         

The Operational Technology Cybersecurity Coalition is a diverse group of leading cybersecurity vendors dedicated to improving the cybersecurity of OT environments. Representing the entire OT lifecycle, the OT Cyber Coalition believes that the strongest, most effective approach to securing our nation’s critical infrastructure is one that is open, vendor-neutral, and allows for diverse solutions and information sharing without compromising cybersecurity defenses. The OT Cyber Coalition was founded by Claroty, Forescout, Honeywell, Nozomi Networks, and Tenable in 2022. For more information, visit https://www.otcybercoalition.org/.

What’s the Difference Between OT, ICS, SCADA and DCS?

Every day, multiple technologies work in the background to make modern life possible. Two of the most important examples include Information Technology (IT) and Operational Technology (OT). While most of us recognize IT as a term that broadly encompasses digital computing, what about OT?

OT can be difficult to understand, but that’s only because most of us are unaware of the nomenclature. In recent times, exciting developments are bringing about a convergence between OT and IT that have big implications for technology and industry.

In this article, we’ll define what it is, and how it relates to other terms.

Operational Technology

Industrial Control Systems

OT or Operational Technology encompasses the computing systems that manage industrial operations. This includes monitoring of Oil & Gas, the Electric Utility Grid, manufacturing operations, and more.

Simply put, OT runs the networks that allow common civilized norms to continue like the electricity turning on in your house or the clean running water coming out of your faucet.

Industrial Control System

Industrial Control System (ICS) is an umbrella term that includes both SCADA and DCS. An ICS network can monitor many infrastructure and raw material systems. For instance,

  • Conveyor belts in a mining operation
  • Power consumption in the electric grid
  • Valve pressures in a natural gas facility

ICS networks are mission critical, requiring immediate and high-availability. In many ways, this emphasis represents the main difference between IT and OT/ICS systems. For IT, security is high priority preserved by the Confidentiality, Integrity, and Availability (CIA) triad. In OT/ICS networks, both integrity and confidentiality come second to availability.

SCADA

Supervisory Control and Data Acquisition (SCADA) is a systems architecture for managing large and complex processes. SCADA systems are normally found in utility providers such as natural gas and electric power transmission, where control functions are distributed over a large geographic area.

SCADA systems consist of three main components:

  1. central command center consists of all the servers running SCADA software
  2. Multiple, remotely located local control systems directly control and automate process equipment
  3. Communication systems connect the servers at the central command center to the remote locations

The main purpose of SCADA is data acquisition: the networks consist of multiple remote terminal units (RTUs) that are used to collect data back at the central command center, where they can be used to make high level decisions.

Distributed Control System

Distributed Control System (DCS) is a type of process control system that connects controllers, sensors, operator terminals and actuators. The data acquisition and control functions are performed by distributed processors situated near the peripheral devices or instruments from which data is being gathered.

While DCS and SCADA are functionally very similar, DCS is generally employed at large, continuous processing facilities. Operations are almost always controlled onsite rather than remotely.