Obtain a third-party OT cybersecurity assessment
Segment OT networks to prevent threats from spreading
Don’t wait for government cyber regulations; it’ll be too late
Identify “single points of failure,” like a firewall with no backup
Create an action plan to deal swiftly with network abnormalities
Evaluate deception technology to enhance defense-in-depth
For example, Penn State University worked with GrayMatter to segment the operational technology that runs HVAC, lighting, security and other systems in roughly 700 buildings across its campuses.
If one building is impacted by a cybersecurity event, “It’s two clicks to take that building off the network, so I’m only worried about one building, not 700,” Christensen says.
Another client, a major water/wastewater provider, uses deception technology to geofence network traffic from countries in Eastern Europe and Asia where many ransomware attacks originate.
JBS SA reports that its backups weren’t affected, which should reduce the recovery time, Christensen said, but there’s more companies should do in advance to protect themselves.
Government regulations will likely soon catch up to the uptick in ransomware attacks, forcing companies to improve their cybersecurity protections.
On May 27, the U.S. Department of Homeland Security released a directive requiring pipeline operators to report cyber incidents within 12 hours or risk being fined $7,000 per day, submit results of a cybersecurity assessment within the next 30 days and have an on-call cybersecurity coordinator.
“If you’re waiting on government regulations to improve your cyber program, it might end up being too late.”