Every year the number of reported ICS vulnerabilities increases by about a third. In an IT world that is cumbersome, but it can be solved with an (automatic) patch round or a scheduled update. In OT, however, we are not this flexible and need to work with our vulnerable systems for a longer period, until the impact of the update has been extensively tested. Even that does not have to be a problem, because we take additional security measures and protect the OT from threats from IT and the internet.
But what if our additional security measures are not effective? Or if we have more vulnerabilities than we have designed mitigating controls for? That is the real problem. The OT environment is left under-protected, which puts business continuity and product quality at risk.
Statistics on the issues we find in an average OT environment show that no less than a third of them can be classified as high/critical risk. These are issues that need immediate attention.
If we break these issues down by cause, we get the following chart.
These ‘usual suspects’ pose a serious threat to your OT environment:
- systems and packages are missing security updates (33%)
- access control is failing, for example because of default passwords (admin:admin), hard-coded credentials and insecure remote access (25%)
- misconfigurations and insecure services are present (10%)
- the network is not segmented properly and allows unrestricted traffic (11%)
It is a huge task not only to know your vulnerabilities but also to understand the best way to solve them. This is the expertise of CR-Team, and we can support you.
We will start by performing a full inventory of your OT environment, because: “We can not protect what we do not know”. After adding context and discussing what we found, we will propose a security remediation plan. Through our structured project approach it will be clear who is responsible for the actions and when the end state is delivered.
Reach out to us if you want to know how we can help you.