Who Can Integrators Turn to for a Cyber Assessment on Their Networks?
Most operational technology (OT) systems use protocols that are not common in the IT system. Having devices that can communicate with the multiple protocols can be both a blessing and a curse.
There are reputable companies that can perform IT cyber assessments, but not many trained in operational technology (OT) cyber threats and architecture. Many can do the IT cyber threat assessment, but the OT cyber threat assessment can be a little tricky.
This requires network professionals to understand how the system provides an output and the importance of that product. Sometimes the product is protection of human life. Cybersecurity assessments are not a one-time event; rather, they are a perpetual monitoring of a system to know all devices attached and how each performs.
Most OT systems use protocols that are not common in the IT system. Having devices that can communicate with the multiple protocols can be both a blessing and a curse. The protection of that device needs to cover every way an intruder can attack, which also includes a physical attack. The assessment organization must understand those attack vectors and how to prevent them.
Cyber assessment in the OT space is significantly different than the IT space due to these devices and protocols that are unknown to traditional IT assessments. Security integrators are learning new market lingo to offer services that can accurately assess systems. Another issue is the integrity of the assessment. Most end users will want separate organizations doing the assessment and performing the mitigation. That way, multiple experts will be reviewing the same problem and offering different ideas for mitigation.
It’s generally accepted that hardware devices for cybersecurity are better than software. But keep in mind, software will solve many problems, but can be defeated. As mitigation is performed, the end user will need to provide their risk-averse level to make the ultimate determination for cyber protection.
Anixter’s Bob Dolan is Director of Technology and David Cronk is Technical Director, Physical Security.
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!