Recently at the 25th annual RSA Conference in San Francisco, the world’s largest gathering of security experts, 40,000 people came together to tackle tough cybersecurity issues. The conference ignited debate around today’s most pressing security challenges, while simultaneously showcasing the innovative technologies and approaches being deployed to resolve these challenges.

During the conference I was a panelist at the Cyber + IoT Bangers and Mash Roundtable Breakfast, where we discussed security from an operational technology (OT) perspective. Improved OT security is an increasing concern, but one that still needs more attention. According to Gartner, by 2020, about 21 billion machines will be connected to the Internet, providing more access points for sophisticated threats. To address these threats, we cannot only protect our data; we must also protect our connected devices and infrastructure by embedding security into machines and software at every level. 

The discussion of protecting all assets occurred throughout the conference. Two prominent themes, in particular, emerged across various CISO roundtables and breakout sessions. First, visibility of everything – from network activity to user and application behavior – is a top concern across industries and organizations of varying sizes. Second, cybersecurity protection is transitioning from network-based defense to virtual firewalls around every device and endpoint security on production systems.  The trend is clear that protection is moving closer to the individual asset, not just in IT but also in industrial environments. The former director of Homeland Security and an author of the Patriot Act Michael Chertoff articulated the need for the shift when he described how industrial control facilities are vulnerable to exploitation in today’s world—not at some time in the future.

We cannot only protect our data; we must also protect our connected devices and infrastructure by embedding security into machines and software at every level.

Wurldtech is already well-positioned to address these recurring themes of the conference. The trends discussed reflect exactly what we have designed OpShield to provide for OT environments. OpShield delivers defense-in-depth protection and scales to accommodate complex and harsh industrial control system and SCADA environments. It provides visibility into what’s happening on the OT network and enforces OT policy across the control systems network to mitigate risks from all sides.

Other topics that had general consensus among the CISO community at RSA included:

A single breach alone can result in significant loss of customer trust that can take years to rebuild;

The odds are stacked in favor of the attackers due to deteriorating network perimeters and a rapid increase in connected devices;

Accidental activity by authorized users can be a bigger risk than an external adversary; and

Organizations need to focus on securing what's inside the network and assume an attacker will find a path inside.

As the Industrial Internet of Things changes the industrial security landscape, organizations must rethink their cybersecurity strategies to expand the scope of security and encompass everything that touches the network.

Here at Wurldtech, we are in the forefront of helping organizations build and strengthen their cyber defense strategies. We play a critical part in in delivering to customers cyber protection for industrial assets to protect against and mitigate the impact of a cyber attack. This enables continued productivity, prevents unexpected downtime and enables adoption of new technologies to leverage the Industrial Internet.

Learn more about Wurldtech by visiting https://www.wurldtech.com/ 

About the author

Tom Le

Vice President of Engineering, Wurldtech

Tom is the VP of Engineering for Wurldtech, responsible for the development of Wurldtech’s technology enterprise strategy. This includes OpShield, a purpose-built security platform to protect OT environments from cyber threats, and the Achilles Test Platform for testing and certification of industrial devices against cyber benchmarks. Tom’s team also provides leading security intelligence research to discover zero-day ICS vulnerabilities.