Legislation and national policy changes are necessary, but organizations can’t wait for them to take effect
A recent security alert from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) highlighting advanced persistent threats against internet connected operational technologies (OT), including industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices, raises the stakes for the federal government to mandate stricter security standards for manufacturers of internet-connected devices.
In response to the growing number of threats to its governmental agencies, critical infrastructure, healthcare institutions, and businesses of every type and size, the White House and lawmakers have introduced stiffer standards, clearer guidance, updated policies, and legislation to compel organizations to increase their security posture, and to design more secure products. These include memos on achieving Zero Trust, the PATCH Act to increase medical device security, NIST whitepapers redefining critical infrastructure, the IoT Cybersecurity Improvement Act, and an Executive Order on Improving the Nation’s Cybersecurity, to name a few.
Ordr has voiced its support for these measures because it is clear that business-as-usual in cybersecurity is not getting the job done. Here are some numbers that illustrate the growing threat to the integrity of connected devices and the people and organizations that rely on them:
- According to the United Nations, cyberattacks against healthcare organizations has increased 600% worldwide since the start of the pandemic in 2020;
- There are more than 4,000 ransomware attacks every day, and an organization falls victim to a ransomware attack every 14 seconds;
- The total costs of cybercrime, which were estimated at $6 trillion in 2021, are expected to exceed $10 trillion by 2025;
- The FBI’s Internet Crime Complaint Center (IC3) investigated 649 successful ransomware attacks on U.S. critical infrastructure organizations in 2021; and,
- Researchers tracked a 110% increase in vulnerabilities in connected devices in healthcare environments since 2019, and a 55% increase in attacks against the healthcare industry.
These are just a few of the troubling trends that demonstrate the need for a strong, national response for improving cybersecurity. But legislation and policies take time to draft, pass, and implement. In the meantime, organizations that rely on devices that make up the realm of OT, the internet of things (IoT), the internet of medical things (IoMT), and other systems and devices that connect to public networks must take steps now to harden their existing infrastructures against threats that target such systems.
A New Approach is Needed–And Available
Operational technologies form the backbone of modern industrial productivity. Many of the connected devices and cyberphysical systems that run production lines, keep facilities operating, and that support transportation and logistics were not designed with cybersecurity in mind. But as formerly air-gapped systems have become dependent on data and connectivity, they have become vulnerable. That is reflected in the attacks we see increasing on OT environments, which often can start with IT and IoT devices, and do not require sophisticated approaches to be successful. But they do require a new approach to security.
The emphasis on achieving a Zero Trust posture for IT architectures is vital. The growing number and sophistication of the elements of today’s IT estates, including connected IT, IoT, IoMT, and OT devices means it is impossible for traditional, human-centric approaches to security to succeed. Zero Trust requires machine learning and automation to achieve complete visibility across all aspects of technical infrastructure and to respond to indicators of compromise affecting devices.
When threats are detected, security policy enforcement can isolate affected systems and segment those that are mission critical to allow operations to continue while mitigation unfolds, thereby limiting an organization’s vulnerable attack surface and limiting risks. Ordr’s technology has been proven more than capable of providing this level of performance, allowing organizations to see across their network, know what devices are connected and their level of vulnerability, and to secure those devices from attack by addressing four key aspects of cyber asset attack surface management:
- Identify your complete attack surface – Know what devices are in the network and risks they bring.
- Map the transaction flows – Understand what devices are doing. Unlike users, devices have deterministic communications patterns for their “roles”
- Architect/Create Zero Trust policies – This has to be automated to prevent errors, and to scale for hundreds of thousands of devices in the network.
- Monitor/maintain the network – Continue to discover devices, and monitor them for risks and anomalies.
When device security must be a priority—whether government, healthcare, manufacturing, or other critical infrastructure environments—organizations around the world trust Ordr for protecting their OT, IoT, IoMT and other connected devices. We can help your organization identify, inventory, assess, and protect your connected devices within minutes. Contact us at firstname.lastname@example.org.