Interesting example of zero-trust security for operational and IoT systems
Zscaler and Siemens join to bring zero-trust security to operational technology systems
Analysis by Zeus Kerravala
Zscaler Inc. and Siemens AG announced an interesting partnership this week wherein the two vendors are bringing zero-trust security to operational technology systems.
OT systems are most commonly found in industrial networks but are seeing increased adoption in other industries. Historically, OT systems ran on their own proprietary networks that were often isolated from the company’s data networks. Industry leaders have been predicting that information technology and OT systems would eventually come together, but that has been slow to materialize in industrial settings.
Some OT systems have been integrated with IT networks, such as building facilities like alarm systems, LED lighting and heating and air conditioning systems as part of smart building initiatives, but that has been more the exception than the norm in industrial settings.
The COVID-19 pandemic forced many organizations down the IT-OT path as workers required access to the OT systems from home and the most cost-effective way to do that was to enable VPN access through the data network. That enables workers to remotely manage and control systems and diagnose problems.
Although VPNs were successful in connecting workers to industrial systems quickly, they are not ideal because they create a back door into the industrial “internet of things” environments. That greatly expands the organization’s attack surface and exposes the business to large-scale network attacks.
Some organizations have turned to firewall-based network segmentation, and that can work, but it is very complicated to set up and is even more difficult to keep updated in dynamic environments. That’s because every time a device moves, the segmentation policies must be updated. Coarse-grained segmentation is widely used, but businesses have struggled with fine-grained segmentation, which is needed in IoT environments to minimize the impact of a breach. ...