Navigating Cybersecurity in Operational Technology: Insights from the Joint Cyber Defense Collaborative
Navigating Cybersecurity in Operational Technology:
Insights from the Joint Cyber Defense Collaborative
The Joint Cyber Defense Collaborative (JCDC) released an important document titled “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products.” This collaborative effort involves major players in cybersecurity, including the Cybersecurity and Infrastructure Security Agency (CISA), Germany’s Federal Office for Information Security (BSI), the UK National Cyber Security Centre, and the European Commission. The document is a significant step towards enhancing the cybersecurity posture for operational technology (OT) environments, which are increasingly vulnerable to cyber threats.
Some key takeaways from the document:
The JCDC’s recommendations provide a roadmap for OT owners and operators to make informed decisions when selecting digital products. Here are two critical points highlighted in the document:
1. Phishing-Resistant Multi-Factor Authentication (MFA)
One of the standout recommendations is the call for buyers to prioritize products that include phishing-resistant multi-factor authentication (MFA) in their baseline versions, underscoring the importance of robust authentication mechanisms in today’s threat landscape:
● Selection criteria: The baseline version of the product supports role-based access control (RBAC) and multifactor authentication (MFA), particularly for changes to safety-critical equipment.
● Questions to ask: Has the manufacturer eliminated or is working to eliminate the use of shared role-based passwords in their products? Is MFA included in the baseline version?
● Why this matters: Strong authentication allows for defense-in-depth and enables identity and access management best practices.
For organizations looking to comply with this guidance, solutions like the Nok Nok S3 Suite, the Authentication Cloud, and the IoT SDK are excellent options. These products offer advanced authentication capabilities that help mitigate the risk of phishing and man-in-the-middle attacks, ensuring that only authorized users can access critical systems and data. Implementing such solutions is a proactive step towards safeguarding operational technology environments.
2. Elimination of Default Passwords
Another critical focus of the document is the elimination of default passwords, which is listed as a key aim to achieve “Secure by Design” practices. Default passwords are often a weak link in cybersecurity, providing an easy entry point for malicious actors. The document stresses the need for organizations to move away from these vulnerabilities and adopt more secure password practices:
● Selection criteria: The product is delivered secure out of the box, resilient against the most prevalent threats and vulnerabilities, without requiring additional configuration from users or administrators.
● Questions to ask: Has the manufacturer eliminated or is working to eliminate default passwords?
● Why this matters: Insecure default settings expose asset owners to more risk and increase security costs.
Using the Nok Nok IoT SDK can significantly aid operational technology operators in this endeavor. The SDK facilitates the implementation of phishing-resistant authentication methods that do not rely on default passwords, thus enhancing the overall security of IoT devices and systems. By leveraging such technology, organizations can ensure that their OT environments are better protected against unauthorized access.
The Importance of Cybersecurity in Operational Technology
As operational technology systems become more interconnected and reliant on digital products, the need for robust cybersecurity measures has never been more critical. The recommendations put forth by the JCDC are not just best practices; they represent a foundational shift towards a security-first approach in the selection and implementation of digital products.
By prioritizing phishing-resistant MFA and eliminating default passwords, OT owners and operators can build a more resilient infrastructure capable of withstanding evolving cyber threats. The guidance provided in the JCDC’s document serves as a valuable resource for organizations looking to enhance their cybersecurity strategies and protect their critical assets.
Conclusion
The publication of “Secure by Demand” marks a pivotal moment for organizations involved in operational technology. As cyber threats continue to evolve, the emphasis on secure design principles and robust authentication mechanisms cannot be overstated. By following the recommendations of the JCDC and integrating solutions like the Nok Nok S3 Suite and IoT SDK, organizations can take substantial steps towards fortifying their defenses and ensuring the integrity of their operational technology environments. In a digital landscape fraught with risks, being proactive about cybersecurity is not just an option; it’s a necessity.