What are some best practices, tools and technologies organizations in Asia Pacific could employ to secure OT?
Oberholzer: One large mining company we worked with was determined not to let the IT-OT security gap stand in the way of progress. With 50 production sites across three separate geographies, the company had struggled to achieve a comprehensive view of its entire operational security risk profile. The integration of multiple remote sites – coupled with a range of legacy equipment in widespread use, a common situation in the mining industry – compelled this company to find a solution to simplify its OT security profile.
Working in coordination with the company’s IT and OT teams, Claroty delivered a solution that secures its entire OT environment, is governed from a central security operations center (SOC), and addresses concerns related to operational complexity, legacy technology, and requirements for zero downtime. Within two weeks of deployment, the Claroty Platform discovered and profiled all OT assets, asset details, communication patterns, and baselines across the entire OT environment – without any interruption to production. And that was just the beginning.
Another best practice: when Claroty worked with a US-based water utilities provider that serves two million residents, the company was upgrading its IT infrastructure and IT security architecture, and Claroty was tasked with assessing and improving security across their expansive and growing OT environment, which includes hundreds of miles of pipeline and more than 20 physically dispersed water facilities such as pumping stations, water treatment plants, and storage and distribution systems.
We identified three key challenges for this provider:
- Lack of asset visibility: The large physical footprint, combined with the company’s rapidly growing infrastructure to support population and business growth in the region, resulted in inconsistent documentation of OT assets and lack of full visibility into the OT environment.
- Remote, unmanned facilities: Many of the company’s pumping stations and other facilities are unmanned. Employees and third-party vendors remotely access these systems to perform maintenance and gather operational data. If any authorised party’s systems were to be infected with malware, or if their access credentials were stolen, this could compromise the systems, switches and controllers. Furthermore, the company had no way to ensure that only authorised parties were accessing appropriate systems and making agreed-upon changes.
- Compliance with new regulations: As this was a US-based customer, under America’s Water Infrastructure Act (AWIA), utilities that provide drinking water must conduct risk and resilience assessments and revise emergency response plans. These changes require a detailed understanding of the OT network in order to meet the U.S. Environmental Protection Agency (EPA) deadline in 2020.
By deploying the Claroty Platform, the company was able to greatly improve its operational security.
Firstly, the company’s IT security, network and OT teams were able to gain full visibility and immediate profiling of all assets across the company’s expansive OT environment. With granular details of all assets, sessions, processes, and corresponding risk levels, they could now identify threats and vulnerabilities in the OT network to mitigate risk and assure continued operations of critical processes.
Next, they were able to secure remote access to OT assets. Security teams have granular control, the ability to audit access, and additional levels of security, such as password vaulting. Unauthorized access is immediately blocked, and unusual network activity triggers an alert to the team.
Furthermore, they were able to ensure compliance with the Water Infrastructure Act mandate by the deadline, as the Claroty Platform gave them the tools needed to conduct the appropriate risk and resilience assessment.
Lastly, the company was able to optimize its IT security, network, and OT teams. The Claroty Platform integrated with the company’s ecosystem of OT and IT systems and workflows, allowing all teams to use the solution to strengthen security. This lowered the total cost of ownership while maximizing return on investment.