Security News > 2022 > November > Your OT Is No Longer Isolated: Act Fast to Protect It

Not too long ago, there was a clear separation between the operational technology that drives the physical functions of a company - on the factory floor, for example - and the information technology that manages a company's data to enable management and planning.

Not so long ago, any data exchange between IT and OT operated via a "Sneaker net." An operator would physically go to a terminal connected to the OT device, offload data covering a recent period, and carry the offloaded data to their workstation, where they then upload it to the organization's IT system.

It was a cumbersome and slow way to transfer data, but it did imply a valuable physical separation between OT and IT infrastructures, shielding critical OT devices from typical IT cybersecurity risks.

If at all practical, consider segmenting the networks used by OT and apply application whitelisting to ensure that only authorized OT applications can send and receive data over that network.

Where your OT is built using Linux devices, consider live patching.

Live patching continuously updates your hard-to-reach OT and doesn't conflict with uptime goals, which usually happens when you need to reboot to patch.

News URL

https://thehackernews.com/2022/11/your-ot-is-no-longer-isolated-act-fast.html