Operational Technology (OT) facilities are in a unique position where market demands, regulatory requirements, and cybersecurity vulnerabilities put a 24-hour strain on equipment and operators. Organisations’ security practitioners are unable to shut down operations to audit the network’s true cybersecurity posture.
While IT networks have maintained a relatively strong cybersecurity posture to address rising ransomware attacks, OT facilities often lag behind, due to the reliance on multi-facility networks that host both modern and legacy devices.
This has led to insufficient segmentation, allowing a hacker who breaches one area of an OT network to access critical data from all zones, even reaching across to remote facilities.
Coming into effect from 4 July 2022, the second edition of the Cybersecurity Code-of-Practice (CCoP 2.0) issued by the Cyber Security Agency of Singapore (CSA) seeks to level up new cybersecurity capabilities in the Critical Information Infrastructure (CII) sectors in view of the evolving cyber threat landscape with threat actors using sophisticated tactics, techniques and procedures to attack.
It specifies the minimum requirements that the critical information infrastructure owner (CIIO) shall implement to ensure the cybersecurity of the CII.
Partnership in support of CCoP 2.0
By using zone segmentation technology, such as ST Engineering’s 5000 series Data Diode integrated with Radiflow’s OT IDS, attackers are isolated following a breach, unable to access data from other facilities or segmented networks.
“The integration provides a one-box solution for full visibility into the organisation’s OT assets, topology, system behaviour, cyber-attacks, and breaches to OT cyber security policies,” said Goh Eng Choon, president of cyber at ST Engineering.
Radiflow also announced it is updating its risk management tool Cyber Industrial Automated Risk Analysis (CIARA) with dedicated support for the CCOP v2 standard. This will enable utilities to incorporate an actual digital image of their OT network and automatically assess their level of compliance to the CCOP standard, generate compliance status reports and plan their roadmap to reach full compliance.
Cybersecurity teams can also use CIARA to “run” virtual cyber breach attack simulations to calculate threat likelihood and production loss scenarios.
“The concerns raised by organisations have shifted from meeting compliance regulations to thwarting the onslaught of OT network attacks,” said Ilan Barda, co-founder & CEO of Radiflow. “Protecting multi-facility organisations is critical to ensure profitability and compliance with the latest regulations, such as Singapore’s CCOP. This partnership will ensure secure data transfer between OT zones while maintaining the ‘air-gap’ between physically separated source and destination networks.”