4 Ways to Improve Network Threat Detection

Feb. 21, 2022
As industrial cybersecurity threats increase, taking every measure possible to secure vulnerable OT systems is vital, particularly in a legacy environment.

Staying on top of new technology and cybersecurity at aging plants is complicated. Many plants have equipment that is 10, 20, or even 30+ years old and may be relying on unsupported operating systems or software. These legacy systems often cannot be patched or upgraded, and migrating to a new operating system is not cost-effective. To help you overcome these challenges, here are four key ways to bolster your operational technology (OT) network by increasing threat visibility.

1. Baseline Your Network

To help determine which communication activities are normal and which may be threats, it’s essential to have an accurate baseline reading of your entire network. A comprehensive device inventory is necessary to observe when new or unapproved devices connect to your network. It’s also vital to understand which devices communicate with each other and what OT protocols they are using.
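The baseline comparison described above, as an added Python example (not code from the article or from Interstates). The device inventory, addresses, protocol labels and flow records are constructed sample data; it assumes flow records of this shape are exported by a passive network monitoring tool.

```python
from collections import namedtuple

Flow = namedtuple("Flow", "src dst proto")

# Constructed approved device inventory (hypothetical addresses and names).
INVENTORY = {"10.0.1.10": "HMI-1", "10.0.1.20": "PLC-1", "10.0.1.30": "Historian"}

# Constructed flows recorded during the baseline window.
BASELINE_FLOWS = [
    Flow("10.0.1.10", "10.0.1.20", "modbus"),
    Flow("10.0.1.20", "10.0.1.30", "opcua"),
]

# Constructed flows observed after the baseline was taken.
OBSERVED_FLOWS = [
    Flow("10.0.1.10", "10.0.1.20", "modbus"),  # matches the baseline
    Flow("10.0.1.10", "10.0.1.20", "enip"),    # known pair, new OT protocol
    Flow("10.0.1.30", "10.0.1.20", "modbus"),  # known devices, new pairing
    Flow("10.0.1.99", "10.0.1.20", "modbus"),  # source not in the inventory
]


def build_baseline(flows):
    """Map each (src, dst) pair to the set of protocols seen between them."""
    baseline = {}
    for f in flows:
        baseline.setdefault((f.src, f.dst), set()).add(f.proto)
    return baseline


def compare(flows, inventory, baseline):
    """Return (finding, flow) for every flow that deviates from the baseline."""
    findings = []
    for f in flows:
        if f.src not in inventory or f.dst not in inventory:
            findings.append(("unapproved_device", f))
        elif (f.src, f.dst) not in baseline:
            findings.append(("new_conversation", f))
        elif f.proto not in baseline[(f.src, f.dst)]:
            findings.append(("new_protocol", f))
    return findings


if __name__ == "__main__":
    for kind, flow in compare(OBSERVED_FLOWS, INVENTORY, build_baseline(BASELINE_FLOWS)):
        print(f"{kind}: {flow.src} -> {flow.dst} ({flow.proto})")
```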

2. Centrally Collect System Logs

System logs can help correlate events across different devices and different manufacturers. This will provide horizontal visibility across your company. If you’re able, automate the review of these logs with machine learning technology.

3. Implement an Incident Response Playbook

With the additional data you’ll collect from various threat detection tools, it’s important to develop an incident response playbook for your company. Collecting logs, baselining your network, and implementing tools will provide little to no value unless you have a plan in place to monitor and act upon this data. Consider implementing tabletop exercises to roleplay the various scenarios.

4. Develop a Central Pane of Glass

It’s crucial to develop a dashboard with specific key points of interest across all your company’s verticals. This will help your operation center teams efficiently parse the data. With the continuing convergence of IT and OT, it is important to have central visibility. This visibility will help close the gap and provide insight into the wide variety of devices that can be seen today.

In manufacturing, security has typically taken a secondary role to production. However, the industry is beginning to see a rapid increase in OT threats. By implementing some of these best practices, you can gain additional visibility into the threats facing your OT network.

Where Can I Learn More?

Interstates has plant cybersecurity experts ready to help. If you have any questions about network threat detection, reach us at (712) 722-1662 or www.interstates.com/contact/.

David Smit is a Systems Analyst who works in Operational Technology at Interstates, a certified member of the Control System Integrators Association (CSIA). For more information about Interstates, visit its profile on the Industrial Automation Exchange.
