The backbone of IT and operational efficiency, as well as delivering innovative customer experiences, is the integration of technology and data.

To facilitate this integration, connectivity between networks and devices has grown significantly over the last 10 years. According to IDC, there will be 55.7 billion connected IoT devices (or “things”) by 2025, generating almost 80B zettabytes (ZB) of data. The pandemic, which forced many into remote work and increased the need for digital services and smarter devices, accelerated the convergence between Information Technology (IT) and Operational Technology (OT).

Read the latest news: Onclave Networks Named as a Representative Vendor in the 2022 Gartner® Market Guide for Operational Technology Security

However, this union of IT networks and OT/IoT devices also has created significant security vulnerabilities. These vulnerabilities are workloads which are not part of the traditional IT security infrastructure. They include device applications, data to and from these applications, and the network resources that connect people to devices.

According to Don Stroberg, CEO of Onclave Networks, while OT/IoT devices and systems use IT networks, “they are not often visible by IT network security solutions, lack encryption, and have security vulnerabilities that can be exploited by bad actors. As a result, there is a greater need for operational resilience and to centralize governance for all OT, IoT, Internet of Medical Things (IoMT) and Industrial Control Systems (ICS).”

Stroberg adds that as Operational Technology (OT) continues to connect to IT systems, and newly designed cyber-physical systems (CPS) are deployed, “OT security is evolving from network-centric security to CPS asset-centric security.” In short, there is a need for new security solutions that are designed for the connected devices that make up today’s OT.

What are some of the key features of Operational Technology Security?

1. OT and IoT Device Discovery. You cannot secure what you cannot see. Since most OT, IoT and other types of connected devices are not visible to IT networks, you need to start with a solution that can discover all the connected devices including those that are hidden or unknown using the IT network.
2. Microsegmentation of Workloads. Before an incident overwhelms resources or causes more harm, containment is critical. To prevent bad actors from gaining access through OT/IoT devices and moving laterally through your network, you need to deploy microsegmentation. This allows you to isolate workloads from connected devices that are on the network. Once you have done this, you can move towards a more effective security solution. To learn more about microsegmentation, download our white paper, “Why microsegmentation is essential for a secure and trusted network.”
3. Cryptographically Secure Workloads. By cryptographically securing segments, you can wrap each workload in a secure enclave. If each secure enclave has its own root of trust, then data can travel from the edge to the cloud without being visible or exploitable by bad actors. This means workloads are not dependent on the security rules in your IT network or various cloud infrastructures.
4. Active Monitoring. Active monitoring of all assets across the network is an essential security step. You need to know when anomalies are happening and the source of any abnormal activity or attempted intrusion.
5. Identity Management. Any OT/IoT security platform should empower you to manage all identities, certificates and trust keys. However, the ability to do this should not add significant burdens such as extended training or certificate requirements for your staff.
6. Isolation and Containment of Threats. With security and monitoring in place, an OT/IoT security solution should be able to isolate and contain any identified threat to the network. This will enable you to prevent damage to the broader network and deal with the problem directly.
7. Easy Management and Lower Long-Term Costs. The goal of OT/IoT security is to reduce the massive new attack surface you are facing, but it also must be easy to manage and help reduce costs. The stress CTOs, CIOs and IT security professionals are under is both work-related and budgetary. A new solution should not add significant costs or require time-intensive management and/or specialized training.

How does Onclave provide enhanced cybersecurity?

One of the great differentiators of Onclave’s TrustedPlatform™ is that it provides a network overlay that goes beyond traditional microsegmentation by cryptographically securing OT and IoT workloads on IT networks. By identifying each segment and wrapping it in cryptographically secure enclaves, Onclave secures the pathways from connected devices to the network, whether it is on-premises or in the cloud. This effectively stops attackers from using your most vulnerable systems to attack and gain access to your most critical infrastructure and data.

In addition to securing OT and IoT workloads, Onclave’s TrustedPlatform™ provides internal management and automation of all identities, certificates and trust keys without the need of special training, agents or additional staff. This simplifies management and helps to lower costs.

Lastly, Onclave recognizes the challenges the CTOs, CIOs, and other IT professionals have in managing security across their organization. Not only are IT professionals faced with juggling high volumes of work, limited staff, and budget constraints, but there is a vast and seemingly endless number of vendors offering cybersecurity / network security solutions. There is a better approach to address these growing security challenges. Onclave can work with you to help prioritize your OT/IoT security risks on your IT network – saving time, management overhead, costs, risks, and complexity to meet your current and future security needs and requirements.

Click here to schedule a Strategy Briefing with an OT/IoT security solution expert.