Staying on top of new technology and cybersecurity at aging plants is complicated. Many plants have legacy equipment with unsupported operating systems or software. Patching or upgrading may not be possible, yet migrating to something new is not cost-effective. Consider these four key ways to overcome these challenges and increase threat visibility.
Baseline Your Network
Baselining your network helps determine which communication activities are normal and which may be threats. A comprehensive device inventory will help you observe when new or unapproved devices connect to your network, the communication between devices, and the operational technology protocols they are using.
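As an added illustration (not part of the original article), the sketch below compares observed traffic against a device inventory and a recorded baseline, flagging unapproved devices, protocols a device has not used before, and new conversations between known devices. The addresses, device roles, protocol labels and the flow-record shape are all constructed for the example.

```python
from collections import namedtuple

# Assumed flow-record shape: source address, destination address, protocol label.
Flow = namedtuple("Flow", "src dst proto")

# Constructed sample data: approved device inventory (address -> role).
INVENTORY = {
    "10.0.1.10": "PLC line 1",
    "10.0.1.11": "PLC line 2",
    "10.0.1.20": "HMI",
    "10.0.1.30": "historian",
}
# Constructed flows recorded during the baselining period.
BASELINE_FLOWS = [
    Flow("10.0.1.20", "10.0.1.10", "modbus"),
    Flow("10.0.1.20", "10.0.1.11", "modbus"),
    Flow("10.0.1.30", "10.0.1.10", "enip"),
]
# Constructed flows from a later monitoring window.
OBSERVED_FLOWS = [
    Flow("10.0.1.20", "10.0.1.10", "modbus"),  # matches the baseline
    Flow("10.0.1.99", "10.0.1.10", "modbus"),  # source is not in the inventory
    Flow("10.0.1.11", "10.0.1.10", "modbus"),  # known devices, new pairing
    Flow("10.0.1.20", "10.0.1.10", "dnp3"),    # known pair, protocol never seen
    Flow("10.0.1.99", "10.0.1.10", "modbus"),  # repeat, reported once
]

def build_baseline(flows):
    """Return (set of known conversations, protocols seen per device)."""
    pairs = set(flows)
    protos = {}
    for f in flows:
        for host in (f.src, f.dst):
            protos.setdefault(host, set()).add(f.proto)
    return pairs, protos

def compare(flows, inventory, baseline):
    """Return de-duplicated (kind, flow) findings in order of first appearance."""
    pairs, protos = baseline
    findings = []
    for f in flows:
        if f.src not in inventory or f.dst not in inventory:
            kind = "unapproved-device"
        elif any(f.proto not in protos.get(h, ()) for h in (f.src, f.dst)):
            kind = "new-protocol"
        elif f not in pairs:
            kind = "new-conversation"
        else:
            continue  # traffic matches the baseline
        if (kind, f) not in findings:
            findings.append((kind, f))
    return findings

if __name__ == "__main__":
    for kind, f in compare(OBSERVED_FLOWS, INVENTORY, build_baseline(BASELINE_FLOWS)):
        print(f"{kind}: {f.src} -> {f.dst} ({f.proto})")
```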
Centrally Collect System Logs
System logs can help correlate events across different devices and different manufacturers. This will provide horizontal visibility across your company. You can use machine learning technology to automate the review of these logs.
Implement an Incident Response Playbook
Completing the first two steps above doesn’t add value without a plan in place to monitor and act upon this data. Consider implementing tabletop exercises to roleplay the various scenarios.
Develop a Central Pane of Glass
It’s crucial to develop a dashboard with specific key points of interest across all your company’s verticals. This will help your operation center teams efficiently parse the data. Central visibility will help close the gap and provide insight into the wide variety of devices that can be seen today.
In manufacturing, security has typically taken a secondary role to production. However, the industry is beginning to see a rapid increase in OT threats. By implementing some of these best practices, you can gain additional visibility into the threats facing your OT network.