Building effective verification begins by defining the scope of the verification process. You start by selecting the mission-critical assets: determine where they are, how critical they are to daily operations, and who or what has access to them. To initiate a verification strategy within a physical and cyber resiliency framework for mission-essential systems such as utilities, it helps to understand the role of verification and compliance.
The current critical infrastructure threat landscape includes sophisticated and capable hackers from state actors and organized criminal gangs. They often share the latest and most effective hacking tools and tactics with each other. A breach can have catastrophic consequences for OT industrial systems, so it is essential that security measures act with speed to mitigate threats. This operational velocity is required for monitoring ports and services, security patch management, malicious software identification, and especially rapid incident response.
Network visibility is paramount to gain situational awareness and reduce the exposure of our critical assets. The majority of organizations still lack proper visibility to efficiently defend themselves. The urgency to improve the situation is heightened in the case of operational technology (OT) networks where cyber attacks could cause heavy damage to industrial equipment or even loss of life. The latest ICS/OT Cybersecurity Year In Review from Dragos determined that 86% of service engagements have a lack of visibility across OT networks.