In #OTsecurity, priorities are structured differently than in IT, with safety being the utmost concern. The aim is to prevent the loss of life, endangerment of public health or damage to the environment, production or equipment. Therefore, any decision or security measure introduced must be technically understood for its impact on safety and availability. This underscores the importance of never overriding or interrupting these essential critical functions in #zerotrust architecture implementations, especially safety functions associated with fault-tolerant systems design.

#OT systems typically employ a fail-to-a-known-state design (i.e., fail-safe design) in the event of an unexpected situation or a component failure. The fail-safe design considers placing the equipment or process in a safe state that prevents injury to individuals or the destruction of property and avoids cascading events or secondary hazards. #Cyber-related events, such as the loss of network communications, could trigger these fail-safe events. Organizations should define the thresholds at which OT components can operate with reduced or disrupted capabilities, such as lost network communications.

In the ISA/IEC #62443 series of standards, essential functions are defined as functions or capabilities required to maintain health, safety, the environment and availability of the equipment under control. Essential functions include:
1. The safety instrumented function (SIF)
2. The control function
3. The ability of the operator to view and manipulate the equipment under control

Write up by Danielle J., Andrew Kling, Bob Pingel and Mike Chaney.
Key Challenges in OT Security
Summary
Operational technology (OT) security involves protecting critical industrial systems and infrastructure, such as manufacturing plants and power grids, from cyber threats. Key challenges in OT security include managing legacy systems, addressing IT/OT convergence, and ensuring safety and operational continuity amidst increasing cyberattacks.
- Identify critical systems: Understand which key systems are essential for your operations to minimize downtime and prioritize their protection from potential threats.
- Implement network segmentation: Separate IT and OT networks while adding internal layers of segmentation to slow attackers and prevent lateral movement.
- Enhance monitoring and visibility: Use continuous monitoring and passive tools to detect unusual activity and strengthen your ability to respond to cyber incidents quickly.
Your OT Security Playbook Is Missing This One Critical Step

Most OT security strategies focus on firewalls, segmentation, vulnerability management, and threat detection—all important. But here’s the problem: None of that matters if you don’t know what truly drives your business.

What’s missing? Business impact mapping. Too many cybersecurity teams prioritize technical risks without understanding operational risks. Here’s what gets overlooked:
- (Direct) Which 3-5 systems are so critical that their failure halts production?
- (Indirect) How does an IT failure (ERP, MES, supply chain) impact OT operations?
- (Direct & Indirect) What are the financial, safety, and regulatory consequences of downtime?

For example: A global manufacturer had what would be considered great network segmentation but zero resilience planning. When a ransomware attack hit their ERP system,
• No raw materials could be ordered.
• Scheduling went offline.
• Entire plants sat idle for four days.
The cost? Millions in lost production.

The best security teams don’t just protect networks—they protect business operations. If your security playbook isn’t prioritizing business resilience, it’s not considering significant business risk.

What’s the most overlooked risk you’ve seen in OT security? Let’s compare notes.

#OTSecurity #CyberResilience #ManufacturingSecurity #IndustrialCyber #CISOInsights
The 2025 Honeywell Cyber Threat Report reveals a stark reality: the industrial sector is facing a cybersecurity reckoning. Cyberattacks on operational technology (OT) environments have intensified—ransomware surged 46% in six months, while attacks on water systems, transportation networks, and manufacturing plants have caused real-world disruptions. Threat actors are no longer simply infiltrating; they are interrupting critical services and endangering safety and continuity.

One notable trend is the rise in USB-based malware and credential-stealing Trojans like Win32.Worm.Ramnit, which surged 3,000% in frequency. In parallel, over 1,800 distinct threats were detected through Honeywell’s Secure Media Exchange (SMX), with alarming infiltration routes observed across removable media, remote access exploits, and compromised credentials.

What’s driving this escalation?
• Legacy systems with limited security controls remain widely deployed.
• Converged IT/OT environments increase the attack surface.
• Regulatory pressure, such as the SEC’s cybersecurity disclosure rule, is raising the stakes for leadership teams.

The implication is clear: defending the industrial enterprise requires more than traditional cybersecurity postures. It demands a shift toward cyber resilience—a proactive, integrated approach that embeds security into the DNA of operations. At a minimum, organizations must act on five imperatives:
1. Adopt Zero Trust principles—no device, user, or process should be implicitly trusted.
2. Implement strict segmentation between IT and OT networks.
3. Elevate threat visibility with continuous monitoring, detection, and response tools.
4. Enforce multi-factor authentication and access governance.
5. Ensure secure USB/media handling and endpoint control at every entry point.

This is not a technology problem alone—it is an operational and leadership mandate. Every breach is now a business risk. Boards, CISOs, and plant leaders must align around a single objective: operational continuity through cyber integrity. Honeywell remains committed to advancing industrial cyber maturity through our ecosystem of threat detection, monitoring, and managed response capabilities. But securing the future will require collective effort—from regulators, vendors, operators, and industry consortia.

As the report concludes, it’s not a matter of if your OT environment will be targeted. The question is—will you be ready?
No OT/ICS network is 100% secure. Many are far from being considered secure at all. Very far. Plenty of reasons exist on why.
-> Missing budget
-> Lack of awareness
-> No technical training
-> False belief in the airgap
-> Downtime isn't an option
-> Incompatible legacy systems
-> No clear owner for OT cybersecurity

The SANS 5 ICS Cybersecurity Critical Controls can help though. These were created when looking across all known ICS cyber incidents. And asking the question - "What controls would help in all of these situations?" Hence the list was born!

1. ICS Incident Response
“It’s not a question of IF, it’s only a question of WHEN.” Just like in IT, every OT/ICS environment needs to be prepared for when it's compromised. Know the scenarios you’re defending for. Have a dedicated IR plan. Practice with table tops. Know who to call when it hits the fan.

2. Defensible Architecture
Segmenting the network can effectively limit the majority of cyber risk. Leverage an IT/OT DMZ to securely control allowed traffic between networks. Use additional segmentation within OT to slow down attackers. Ideally we can slow them down to give us more time to detect them. Though we have to be looking...

3. ICS Network Visibility Monitoring
How can we know if an attacker is in the environment? Especially if we’re not looking for them? Unfortunately, less than 5% of OT networks are looking. Leverage passive monitoring tools. Watch firewall traffic (allowed AND blocked). Examine other event data to detect suspicious activity that needs to be investigated.

4. Secure Remote Access
Nearly every OT/ICS environment allows for remote access. Whether it is considered “secure” is a whole other story. Use MFA with on-demand access. Leverage secure jumpboxes with session recording. And other layered controls to limit the damage if an attacker gains access to an outside party's system.

5. Risk-based Vulnerability Management
Vulnerability management in OT/ICS is VERY different than IT. Before any patch or other fix can be applied, the associated vulnerability needs to be evaluated. With the appropriate team members such as engineers and plant technicians. Those that can help determine the true risk the vulnerability presents to the plant. Do we need to patch NOW? Do we wait to the NEXT patch window in a year? Or is there no risk to safety and availability so we NEVER patch?

While you might not be able to apply this all in your plant right away, start where you can. And work to improve bit by bit each day. Will you ever be 100% secure? No. No one is. But you'll be more secure than you were yesterday!

Download the 5 SANS ICS Critical Controls at https://lnkd.in/eDTx2rZy.

P.S. What would you add?

A HUGE thank you to Robert M. Lee and Tim Conway for building the SANS ICS Cybersecurity Critical Controls for the community!

🔔 Follow Mike Holcomb for more OT/ICS cybersecurity
♻️ Share to help others!
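As an added example of what controls 2 and 3 above (an IT/OT DMZ that restricts zone-to-zone traffic, and watching firewall traffic both allowed AND blocked) look like in practice, and not code from the post or from the SANS controls document: a small Python check that reads constructed firewall log lines, compares each flow against the conduits the DMZ design permits, and reports direct IT-to-OT flows, allowed flows outside the conduit list, and sources that are repeatedly blocked. The zone address ranges, ports and key=value log format are assumptions made for this example.

```python
import ipaddress
import re
from collections import Counter

# Zone address ranges and the conduits the DMZ design permits, as (src_zone, dst_zone,
# dst_port). Ranges, ports and the log format are assumptions made for this example.
ZONES = {"IT": ipaddress.ip_network("10.10.0.0/16"), "DMZ": ipaddress.ip_network("10.20.0.0/24"),
         "OT": ipaddress.ip_network("192.168.100.0/24")}
ALLOWED_CONDUITS = {("IT", "DMZ", 3389), ("DMZ", "OT", 502), ("OT", "DMZ", 4840)}
LOG_RE = re.compile(r"action=(?P<action>ALLOW|BLOCK) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)")

def zone_of(ip):
    """Map an address to its zone name, or UNKNOWN if it is outside every range."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "UNKNOWN"

def review_firewall_log(lines, block_threshold=3):
    """Return (finding_kind, detail) pairs; both ALLOW and BLOCK lines are inspected."""
    findings, blocked_by_src = [], Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not in the assumed format
        src_zone, dst_zone = zone_of(m["src"]), zone_of(m["dst"])
        if src_zone == "IT" and dst_zone == "OT":
            # Any direct IT-to-OT flow bypasses the DMZ; a BLOCK here is still worth a look.
            findings.append(("IT_TO_OT_DIRECT", line))
        elif (m["action"] == "ALLOW" and src_zone != dst_zone
              and (src_zone, dst_zone, int(m["dport"])) not in ALLOWED_CONDUITS):
            findings.append(("ALLOWED_OUTSIDE_CONDUIT", line))  # rule drift or misconfiguration
        if m["action"] == "BLOCK":
            blocked_by_src[m["src"]] += 1
    for src, count in blocked_by_src.items():
        if count >= block_threshold:
            findings.append(("REPEATED_BLOCKS", f"{src} blocked {count} times"))
    return findings

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    "action=ALLOW src=10.10.5.20 dst=10.20.0.10 dport=3389",
    "action=ALLOW src=10.20.0.10 dst=192.168.100.50 dport=502",
    "action=BLOCK src=10.10.5.20 dst=192.168.100.50 dport=502",
    "action=ALLOW src=10.10.7.9 dst=192.168.100.60 dport=44818",
    "action=BLOCK src=10.10.5.20 dst=192.168.100.51 dport=502",
    "action=BLOCK src=10.10.5.20 dst=192.168.100.52 dport=502",
    "action=ALLOW src=10.20.0.10 dst=192.168.100.50 dport=22",
]
```

Running `review_firewall_log(SAMPLE_LOG)` on the constructed lines yields four direct IT-to-OT findings (one of them an ALLOW that should not exist), one allowed DMZ-to-OT flow on a port outside the conduit list, and one source blocked three times.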
This isn’t just an inconvenience — it’s a warning.

I took this photo at a gas station this morning: “CASH ONLY!! OUR NETWORK IS DOWN!!” — it wasn’t just a payment issue. It pointed to a broader truth: our critical infrastructure systems are heavily digitized and dangerously fragile.

Whether it’s ransomware in the retail POS environment, lateral movement into operational technology (OT), or failure in cloud-connected SCADA systems, IT/OT convergence has made gas stations, water treatment plants, and electrical substations attractive and vulnerable targets.

Here’s the problem:
- Flat networks
- Poor segmentation
- Legacy protocols
- Minimal visibility into ICS/IIoT assets

We’ve seen nation-state APTs, cybercriminals, and hacktivists all take interest in infrastructure. And yet, many operators still treat cyber as an “IT problem.” It’s not. It’s a resilience problem — and the failure scenarios are no longer hypothetical.

If we don’t modernize detection, harden edge devices, and train frontline staff, we’ll continue seeing more of this: not just outages, but operational paralysis. Time to elevate OT security to a first-class priority.

#cyber #cybersecurity
Buchanan Ingersoll & Rooney PC Dragos, Inc. Forescout Technologies Inc. KnectIQ Operational Technology Cybersecurity Coalition Cybersecurity and Infrastructure Security Agency Military Cyber Professionals Association Lucian Niemeyer Christopher Cleary, PMP, CISSP Alison King Kathryn Wang Alexander Botting Philip Travis Berent Trend Micro Madison Horn Brandon Pugh Sean Plankey Robert M. Lee