Identifying a cyber risk, determining your options, and understanding your level of exposure all show that true cybersecurity is a multi-disciplined, multi-faceted, ever-evolving program, not a single technology or practice.
Cybersecurity, especially in operational technology (OT), is not straightforward. It is often woefully underfunded, misunderstood, neglected or even ignored. It is no wonder that many end users look for point solutions to specific problems and are especially fond of products that promise significant coverage with minimal effort.
In reality, the only truly effective program is one with a host of protections. From whitelisting to change management, SIEM tools to anomaly detection, backups to patching, they are all necessary components strengthened by support from the overall program.
No single action or technology protects you from the Meltdown and Spectre threats. Why do cybersecurity buyers focus on a single aspect of their problem? Why run an RFP process solely for an inventory solution, without planning the integration between inventory and patching, baselines, change management and whitelisting? Why purchase an anomaly detection tool without discussing how to resolve the issues it highlights for you?
While these individual cybersecurity tools are valuable and helpful, their value is derived from a strong combination of tools.
What if you could pull a list of every single processor running in your plant and know what each one needed, so you could plan accordingly? What if you could click on a link in your asset inventory to show all details about that single asset in a single view, from its last backup and patch level to how many failed logins have been registered on it? What if you could filter your asset view to highlight your critical and regulated assets? What if you could poll all OT systems to see how many are running XP and have SMB ports open or enabled? And what if you could send a single command to all infected devices to shut them down?
In time, build a robust cybersecurity platform that ties together multiple security tools. In the meantime, back up your systems, turn up your alerts, and tighten your controls.