- Machine learning (ML) is being used in network monitoring, threat intelligence gathering and remediation, and is also being leveraged to identify anomalous behavior and flag those patterns in real time.
- ZTNA or Zero Trust Network Access has existed for more than 10 years, but has been continually revised. NIST (National Institute of Standards and Technology) continues to refine the ZTNA architecture. ZTNA should include three major components:
  - Continual visibility of devices and users connected to the network
  - Ability to enforce security policies regardless of device type, location or method of access
  - Ability to maintain enforcement and visibility when a device goes offline
- Micro-segmentation is a security method that isolates security zones associated with workloads, applications and certain devices. Creating these zones prevents threats from moving laterally in east/west traffic and provides isolation that helps prevent an attack.
More than a decade ago, operational technology (OT) was only used in manufacturing and industrial environments and airgapped from the rest of the organization. Today, the convergence of information technology (IT) and OT, and the growth of the internet of things (IoT), are revolutionizing the way organizations monitor systems, share and analyze data, and efficiently make decisions based on near real-time information. While this transformation brought about a modernization of how IT, IoT, and OT systems share invaluable data to empower business operations, it also brought about the alarming realization that none of these devices were created with security in mind. With ubiquitous connectivity comes an increase in the ways these devices can be exploited to gain access to sensitive data.
The convergence of IT and OT makes it necessary to identify all network-connected devices, understand how they are communicating and properly assess the associated risk. This is why Gartner named Ordr as a Representative Vendor in the Market Guide for OT Security.
As described in the Gartner report, the OT/CPS (Cyber Physical Systems) security journey for organizations aligns with six key phases. “Once they enter the “Oh Wow!” Phase, organizations realize that security — whether IT, OT, physical or supply chain — needs a whole-of-enterprise focus. Historical IT and OT functional differences are becoming a liability when security is involved. Due to design, age or function, the unique requirements of OT systems now add to IT security concerns in ways that can no longer be ignored. Modernization efforts bring risk, reliability and safety discussions to the forefront. As a result, leading organizations are starting to elevate OT security requirements into their enterprise risk management (ERM) efforts by adopting an integrated security strategy across IT, OT, CPS, physical security and supply chain security.”
Phase 3. The “Oh Wow!” Moment: Invariably, proof of concepts (POCs) become eye openers. For example:
- Unmanaged assets are connected everywhere.
- OT networks that were initially designed to be highly segregated have become flatter than realized.
- Ports on all kinds of systems in all kinds of remote locations are wide open.
- OEMs are accessing the machines they sold remotely and no one is managing it.
- Disclosed vulnerabilities on old OSs have never been evaluated for possible patching.
- The functional silos between separate security disciplines (e.g., cybersecurity, physical security, supply chain security, product security, health and safety) are creating seams that bad actors can exploit.
- The realization sets in that operational environments where security is lacking are centers of value creation for most organizations; however, no centralized governance exists to start making sense of it all. Recognition develops that roles and responsibilities for a wide variety of (security related) processes and decisions have never been clear, let alone agreed on.
At Ordr we’ve helped top global organizations address visibility and security with a whole-enterprise approach, from traditional servers, workstations and PCs to IoT, IoMT and OT devices. We have created a solution that passively and in real time discovers what devices are on the network, profiles device behavior and risks, and then automates the appropriate action. Our relationship with our customers has been one of mutual benefit; we have worked together to evolve our solution and address new use cases. As a result, we’re grateful and proud to serve our customers and to have been named in the Market Guide for OT Security as a solution addressing device visibility and security.
Gartner Market Guide for Operational Technology Security, Katell Thielemann, Wam Voster, Barika Pace, Ruggero Contu, 13th January 2021
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.