In the  study,  Guardians  of Government:  The  State of  Federal  OT Security,  90  percent  of Federal  OT
            administrators reported they have placed greater emphasis on OT security. And for good reason. Sixty-
            eight  percent  reported  an  OT  cyber  security  incident  in just  the  past  year,  and  only  20 percent  gave
            themselves an ‘A’ grade for OT security preparedness.  When asked if they could mitigate and respond
            to an OT threat today, half of the respondents expressed a high degree of confidence.

            The study provides a comprehensive  assessment of the critical gaps they face and what best practices
            they’ve adopted to enhance operational security. The obstacles to achieving a desired state of resilience
            and readiness are multi-fold. They report gaps they seek to close in their OT security, including improved
            asset visibility, secure remote access and monitoring.  Many Federal agencies face additional OT security
            challenges, such as managing broad geographic distribution of their connected endpoints and limited air-
            gapping.  And 65 percent estimated that assets in their organization have reached end-of-life yet are still
            internet facing, thus adding to their cyber attack surface.

            The  good news  is these  leaders  are taking  proactive  measures  within  their agencies  to address  their
            security  needs,  despite  the  complexity.  First,  they  report  significantly  greater  coordination  between  IT
            and  OT  organizations,  and  some  agencies  have  even  aligned  these  functions  in  their  organizations.
            Second, more report that they have implemented continuous assessments and have begun standardizing
            risk models. And, they’ve focused on upskilling their teams to keep pace with both evolving technologies
            and  persistent  threats.  These  are  all  steps  in  the  right  direction  and  will  ultimately  result  in  greater
            resilience and higher levels of confidence in their ability to meet the threats of today and in the future.

            As  our  Federal  systems  –  and  world  –  have  become  increasingly  interconnected,  and  the  extended
            Internet  of  Things  has  become  a  reality,  it  is  vital  that  we  safely  protect  the  cyber  and  physical
            components of connected organizations.  As these Guardians of Government have reported, the threats
            are real. However, the organizational processes and technologies exist today and, if implemented well -
            with up-to-date best practices and expediency - can meet these threats with confidence.





            About the Author

            Heather  Young  is  regional  vice  president,  US  Federal,  for  Claroty.  She  is
            responsible  for  supporting  and  enabling  clients  across  Federal,  State  and  Local
            Government, and the Education sectors.

            Heather can be reached at [email protected]  (@youngheather20  on X) and
            at https://claroty.com/.















            Cyber Defense eMagazine – July 2024 Edition                                                                                                                                                                                                          26
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.