MAY: Segmentation and Remote Access

The OT electronic security perimeter you reviewed and improved last month is essential to stop the volume of potential attacks coming from IT and other untrusted networks. This month you will further restrict attack access to OT cyber assets with a closer look at the OT DMZ and internal segmentation. Like most security controls, there are some locations where a simple control can significantly reduce risk.

In May you will also review your OT secure remote access to make sure you’ve put in a key control that even US Senators know about. 

Week 18: Evaluate And Improve Your OT DMZ

De-militarized zones (DMZ), semi-trusted zones, are a common electronic security perimeter good practice. The firewall segmenting IT from the Internet will often have one or more DMZ to limit direct Internet to IT network communication. A web server, database...

read more

Week 21: Securing Cloud Service Access To OT

Predictive maintenance, efficiency studies and controls, security monitoring, and other cloud services can offer real benefits to asset owners. This trend of vendors offering, and asset owners using, cloud services is almost certain to increase. The challenge is to...

read more

Week 22: Internal Segmentation Review

Your task this week will vary based on the type of system you operate. Asset owners with SCADA have more work this week. SCADA Systems SCADA systems monitoring and controlling geographically dispersed systems, such as pipelines, electric grids, and water delivery,...

read more