ICS/OT Asset Discovery Challenges



Almost all critical infrastructure industries in the country, including aviation, electricity distribution, oil and gas, chemical plants, water treatment, pharmaceuticals and transportation, use complex control systems such as PLC, DCS and SCADA to automate operation and thereby improve efficiency.

The digitization and convergence of IT and OT over time have resulted in significant challenges, such as the increased risk of being compromised by cyber-attacks. Securing NCI and building security policies and procedures to operate safely have become more and more central as a result of the adoption of new technologies and digitization concepts in this new era.

One of the most significant challenges is the effectiveness of the asset discovery and inventory management strategy. In other words, there is a lack of visibility into network hardware and components, software, network traffic, physical connections, etc., within the OT/ICS network.

Referring to NIST 98, the process begins with IDENTIFY. Unless the asset owner knows what to protect, it is not possible to cyber-secure the ICS/OT network.

Large firms are confronted with a geographically dispersed and fragmented process control environment, and many systems suffer from obsolescence. Therefore, asset owners are keen to have real-time information at their fingertips.

The inventory update supports the Operations, Engineering, Maintenance and Design teams in assisting the Cyber Security Department to react rapidly to cyber-attacks by identifying and addressing the root cause in a timely manner.

Such an inventory update goes beyond the security plan: this information can help improve operational capability and prevent future failures when small warning signs are observed.

Automatic asset discovery provides enormous insight into individual ICS/OT assets and their configuration, for example: physical location, a brief description of what an OT asset does, the association of an OT asset with an OT system, network names and network types, and asset criticality.
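
The visibility gap and the inventory attributes described above can be checked mechanically. The Python code below is an added example, not part of the original article: it reconciles devices seen by a discovery tool against the asset inventory and reports undocumented devices, inventory entries that were not seen, and records missing any of the listed attributes. The record layout, field names, MAC-based matching and all sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass, fields
from typing import Optional

@dataclass
class OTAsset:
    mac: str                            # matching key (assumption of this example)
    location: Optional[str] = None      # physical location
    description: Optional[str] = None   # what the OT asset does
    ot_system: Optional[str] = None     # OT system the asset belongs to
    network_name: Optional[str] = None
    network_type: Optional[str] = None
    criticality: Optional[str] = None

def norm(mac: str) -> str:
    """Normalise MAC notation so tool output and inventory entries compare equal."""
    return mac.strip().lower().replace("-", ":")

def reconcile(inventory, observed_macs):
    """Compare the documented inventory with what discovery actually saw."""
    inv = {norm(a.mac): a for a in inventory}
    seen = {norm(m) for m in observed_macs}
    incomplete = {}
    for mac, asset in inv.items():
        missing = [f.name for f in fields(asset)
                   if f.name != "mac" and not getattr(asset, f.name)]
        if missing:
            incomplete[mac] = missing
    return {
        "unknown": sorted(seen - set(inv)),    # on the network, not documented
        "not_seen": sorted(set(inv) - seen),   # documented, silent or removed
        "incomplete": incomplete,              # documented, attributes missing
    }

# Constructed sample data (locally administered MAC addresses, fictional plant).
INVENTORY = [
    OTAsset("02:00:00:00:00:01", "Pump house A", "PLC for intake pumps",
            "Water intake", "PCN-1", "control", "high"),
    OTAsset("02:00:00:00:00:02", None, "Operator HMI",
            "Water intake", "PCN-1", "control", None),
    OTAsset("02:00:00:00:00:03", "Substation 4", "RTU for feeder breakers",
            "Distribution", "RTU-NET", "serial gateway", "high"),
]
OBSERVED = ["02-00-00-00-00-01", "02:00:00:00:00:02", "02:00:00:00:00:99"]

REPORT = reconcile(INVENTORY, OBSERVED)

if __name__ == "__main__":
    for finding, items in REPORT.items():
        print(finding, items)
```
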