Page 33 - Cyber Defense eMagazine Annual RSA Edition for 2024

How are best practices evolving with regard to maintaining an air gap between IT & OT systems
            but still finding synergies or opportunities for consolidation?

            In the evolving landscape of cybersecurity, maintaining an air gap between IT and OT systems remains
            a critical best practice. But organizations are also exploring opportunities for synergies and consolidation
            to enhance efficiency and effectiveness.

            Chase pointed out, “To me, there is really no such thing as a true air gap”, suggesting that reliance on
            air gaps is “frankly a false sense of security”. The evolution of best practices now leans towards a
            balance: minimizing but managing points of entry while maximizing visibility and control. Effective
            security must accept that “there’s always going to be ways that malicious code could get introduced into
            your environment”.

            Acknowledging human error and vulnerabilities, such as plugging e-cigarettes into your computer,
            shifts the focus to enforcing protocols that mitigate the very real risk of inadvertent threats, like those
            involving “USB sticks tethering a laptop to cell phone for fantasy football”. Monitoring and controlling
            these limited points of interface between IT and OT systems is the contemporary alternative to
            the illusion of an absolute air gap, fostering a security landscape that is more realistic and stays
            vigilant against both conventional and unforeseen threats.

            Chase further emphasized the interconnectedness of IT and OT security, noting, "A lot of attacks start in
            IT and so good security practices in IT help support good security practices in OT." This underscores the
            necessity for alignment and collaboration between IT and OT teams to bolster overall cybersecurity
            posture.

            Kirsten emphasized the ongoing need to maintain separation between IT and OT systems to prevent
            threats from spreading across networks. However, she also acknowledged the potential for consolidation,
            indicating, "not all organizations have perfectly segmented networks… in some it's just a flat network
            where traffic is flowing everywhere."

            While maintaining an air gap between IT and OT systems remains paramount, there are opportunities for
            consolidation and synergies. For instance, the concept of a "single pane of glass" for monitoring and
            managing both IT and OT environments can streamline operations and enhance visibility into potential
            threats. Kirsten hinted at this, stating there is "more than one way to bake a cake there."



            How can you bridge the gap between IT and OT monitoring?

            Bridging the gap between IT and OT monitoring requires a combination of technology, processes, and
            collaboration. One approach is to leverage unified monitoring solutions, such as Microsoft Defender for IoT,
            that provide visibility into both IT and OT environments, allowing organizations to detect and respond to
            threats more effectively.

            Chase Applegate highlighted the symbiotic relationship between IT and OT cybersecurity, stating, "A lot
            of attacks start in IT, so good security practices in IT help support good security practices in OT." This
            underscores the interconnected nature of security measures across both domains.





