Representative End User Clients
Representative Automation Clients
Representative Software Clients
This year’s ARC Industry Forum in Orlando once again featured a full day of cybersecurity workshops. Cybersecurity solution provider Fortinet had its own workshop hosted by Fortinet Director of Operational Technology and Critical Infrastructure Michelle Balderson. You can watch the full video from the workshop here at the ARC YouTube channel. Highlighting the disruption caused by digital transformation, Michelle discussed the role of evolving cybersecurity strategies and security considerations beyond visibility, including integrated control and situational awareness. By creating a cybersecurity framework, organizations can confidently move forward in a digitally transformed business, while sustaining safe and continuous operations.
Successful IT/OT Convergence Requires Empathy
Before plunging into the core topic of digital innovation, Michelle provided the background context. “In 1992, people were ordering internet circuits without any consideration of security. Things haven’t changed much. Today, we are digitally transforming our businesses by adopting new technologies, generally without much focus on security. But one of the big takeaways from the ARC Industry Forum is that we are now talking about people and processes, and a huge culture shift. And in that culture shift, we need to bridge the gap and make our employees empathetic. Empathy involves understanding domain expertise. There are multiple domains: IT, OT, building automation, building management; and we need to respect that expertise within the domain. Different vendors are talking about cyber today, but what’s happened is that we've converged into cyber-physical security concerns. So, we need to address it from both the cyber and physical angles. “
On Digital Innovation and Cybersecurity
“Digital innovation creates both increased competitive differentiation and increased cyber exposure. Cyber threats take advantage of this exposure by exploiting the vulnerabilities. Digital innovation is causing increased risk across all industries and organizations are facing a number of security challenges: an expanding attack surface, increased threat sophistication, ecosystem complexity, and regulatory compliance. Digital innovation is the realization phase of digital transformation because simply what we are doing now is using more technology to drive greater efficiency. “
“Digital transformation began in the 1970s. It's not something new, especially when we refer to the manufacturing sector. The trajectory went from early isolated and proprietary systems to the serial / IP connections separating networks by an air gap, to our current network environment driven by convergence and cloud. “
Source: Fortinet
On Digital Innovation and Common Security Challenges
“Digital innovation increases awareness of vulnerabilities as the digital attack surface expands. Ransomware incidences are continuing to increase in volume. We have ecosystem complexity where over the course of time we've taken a best-of-breed approach to be able to protect our systems relative to security. Unfortunately, we end up having too many point products supported by multiple vendors that create too much complexity, burdening our already overworked staff without the benefit of a single pane of glass view of our environment. We also have too many alerts and a skills shortage relative to security; and that skills shortage extends to operations too.”
Speaking about the expanding attack surface, she highlighted the eBay attack in 2003 and the major worms – Code Red and Slammer, and Stuxnet; and that we ought to have learned our lessons and holistically secure our environments. Attacks are increasing at an alarming rate because the attackers are using machine learning and artificial intelligence within swarm bots. The swarm bots attack hasn’t occurred as yet, but it might in 2020, said Michelle.
On Security Considerations to Support Digital Innovation
According to Michelle, the focus needs to shift from keeping the bad guys out to keeping the adversary from achieving their goal. As the cyber and physical converge, cybersecurity must mature, just like every other aspect of business matures over the course of time. And with that, we need to be able to put an ecosystem together that starts from the recognition of the devices within the environment, all the way through to the response when we're dealing with a breach.
So how do we support digital innovation given these common security challenges?
• Broad visibility: Defining the attack surface
• Integrated control: Extensive enforcement points
• Automated awareness: Timely and appropriate response
In this context, Michelle spoke about Fortinet’s Security Fabric platform and its ability to leverage the Purdue Reference Architecture, which can deal with physical processes, and the data acquisition that is a component of industrial IoT applications. To apply the Purdue Reference Architecture, the external environment and remote access must be taken into consideration; and the solutions/technologies that could be deployed at every level – from process control firewalls to industrial IoT secure gateways. According to Michelle, “IoT changes the game from the perspective of how we are collecting, distributing, and sharing data. It is vital to intercommunicate between all the different devices to be able to reduce time to protection; not only within Fortinet products but as many other vendor products as possible, because that's how we're going to respond to cyber-attacks."