Friday the 13th: Managing OT Cyber Risk Against "Bad Luck"

Is it just bad luck, or could a lack of proactive security be to blame for unexpected cyber incidents? It’s Friday the 13th, so let’s talk about what we can do to hedge against OT cybersecurity risks.

We might call it “bad luck” to find your systems compromised or disrupted by cyber threats. In some cases, you may be the “unlucky” victim of a cyberattack that wasn’t even met for you. For example, the WannaCry and NotPetya ransomware attacks. These campaigns around EternalBlue vulnerability exploits affected thousands who weren't directly targeted but were merely caught in the huge blast radius. It hit health services, telecommunications, and manufacturing plants. Either way, whether you're a specific target, a victim of a non-discriminatory attack, or inadvertently affected, proactive OT security measures are crucial. Cybersecurity isn't about luck, it's about identifying and managing the areas of risk within your environment.

‍Proactively Managing OT Cyber Risks

When you're hit with a cyber attack, the last thing you want to say is, "I didn't know we had vulnerable systems, misconfigured systems, open ports." This is not a position you want to find yourself in.

Proactive risk management of OT cyber risks starts with effective OT asset management, which entails:

• Knowing What You Have: Identify all devices, software, and cyber assets in your OT environment.
• Keeping Things Properly Configured: Maintain correct configurations to prevent security breaches.
• Managing Exposures: Address vulnerabilities, monitor connections, and control privileges to secure your systems.
• Monitoring for Changes and Suspicious Activity: Stay vigilant to detect and respond to anomalies and potential threats.

Successful cyber attacks most often occur due to poor basic cybersecurity hygiene, comprised of the above. Foundational security controls that address these hygiene issues are crucial.

"Almost all successful cyber attacks exploit poor cyber hygiene" such as unpatched software, poor configuration management, and outdated solutions"

- Center for Internet Security

These cybersecurity controls make up the foundations of every leading cybersecurity framework, from best practices to compliance regulations, e.g., NERC CIP, NIST, CIS controls, ISA/IEC 62443. Non-coincidentally, implementing these security fundamentals is what's needed for most state and national compliance mandates. With the caveat that you can't just check the box on requirements—you have to be intentional and pragmatic in implementation. These security foundations are essential aspects of every compliance requirement demanding "reasonable cybersecurity."

This Friday the 13th, consider how you can fortify your organization's cybersecurity measures. A strong foundation in OT asset management and cyber hygiene can transform your security from being subject to the whims of "bad luck" to being a robust, proactive defense against the inevitable threats in the digital age. Remember, good luck in cybersecurity is often the result of thorough preparation and proactive management.

Learn more with our OT Asset Management resource below.