Bridging the IT/OT Cybersecurity Gap

With notable industrial cyber events on the rise, the 2020s are shaping up to be a challenging time for operational technology (OT) operators concerned with the safety, security, and compliance of their operational technology networks. To protect their OT environments, everyone from plant managers to CISOs is facing increased pressure to deploy effective cybersecurity solutions. However, professionals in the cybersecurity industry are continuously developing new technology to try to keep up with advancements in illegal cyber activity, and there are a growing number of ways to apply security controls to both your IT and OT environments.

Tripwire’s tried-and-true file integrity management (FIM) and security configuration monitoring (SCM) suite, Tripwire® Enterprise, extends across both the IT and OT sides of your organization. And in order to help organizations bridge the IT/OT gap, it now integrates with other asset discovery and inventory solutions with specific industrial use cases in mind.

Together, these integrated solutions provide organizations with advanced IT/OT asset inventory, vulnerability management, and other key controls required to keep industrial systems secure and compliant. This integration mitigates cybersecurity and production risk for both IT and OT assets.

The IT/OT Challenge

Industrial environments are a complex mix of traditional IT assets (control system management server for example) as well as unique industrial OT assets (PLCs, robots, conveyor systems, etc.). Bridging the IT/OT gap helps organizations gain budgetary and resource efficiencies in managing one combined asset inventory. Traditionally, disparate network types like Ethernet and Fieldbus didn’t mix— but that is no longer the case. Industrial control systems (ICS) are now increasingly intertwined with IT devices and business processes, multiplying the risk of compromise to their command and control functions. This situation is accelerating due to the rapid proliferation of IIoT (industrial internet of things) devices that connect to IT networks. To stay a step ahead of malicious actors, organizations need to begin taking a more holistic cybersecurity approach wherein both IT and OT environments get the same level of scrutiny and investment from their cybersecurity leadership.

Tripwire Enterprise

Tripwire Enterprise is a cybersecurity suite that provides fully integrated solutions for policy, file integrity, and remediation management for IT and OT assets. It provides an innovative approach for industrial organizations to assess configurations, security, and status in their environments. With a single interface management system, Tripwire Enterprise offers operators an agentless security workflow that can be accessed from virtually anywhere, providing a comprehensive picture of security issues across the entire infrastructure. Tripwire Enterprise gives operators the ability to identify and remediate configuration issues, such as a PLC that has been left in a risky state like remote-program mode.

Asset Discovery and Inventory Tools

Tripwire Enterprise integrates with security tools specifically built for OT to protect ICS networks by providing extreme visibility, continuous threat, and vulnerability monitoring, and deep insights into ICS devices and networks. The use of passive deep packet inspection (DPI) technology specifically designed to ensure safe, secure, and reliable operations in complex industrial networks—ensuring minimal impact to the underlying operational processes along with improved cyber resiliency. It is designed to tap into the native protocols on the OT network in such a way that it extracts data without affecting operations that may be sensitive to latency and bandwidth change. Our deep understanding of the many protocols used by OT systems makes this possible. 

Addressing OT Compliance

With automated, continuous monitoring across different types of operating systems, industrial devices, and applications, industrial organizations rely on it as a simplified and cost-effective solution for maintaining system hardening and continual proof of compliance for standards such as:

• International Electrotechnical Commission (IEC) 62443
• International Organization for Standardization (ISO) 27001
• North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)
• National Institute of Standards and Technology (NIST)
• Center for Internet Security Industrial Control System Critical Security Controls (CIS ICS CSC)

Summary

Organizations with both IT and OT assets to monitor can do so using the integration between Tripwire Enterprise and asset discovery solutions. Using these two advanced solutions together bridges the cybersecurity gap common in industrial organizations. You can now apply the same stringent cybersecurity controls to your OT environment that you may have traditionally thought of as IT processes, such as SCM, asset inventory and management, vulnerability management, and others. This integration not only serves to protect your organization against breaches and human error—it also helps industrial operators prove compliance with the industrial compliance standards on which they may be audited. It also aligns systems to best practice frameworks like the CIS ICS CSC. Get unmatched visibility into the configuration and vulnerability states of both the IT and OT sides of your organization at once.