Zero Trust is a change in the security model away from network-based security to an application and data-centric view. Zero Trust is often associated with new methods of remote access to applications, especially modern cloud applications. Zero Trust includes several concepts – like strong authentication, limiting of access/authorization to resources, data protection, and monitoring of sessions – that are helpful to many security designs.
Operational Technology (OT) environments work on an inherent trust model – which is quite the opposite of Zero Trust. That is one of many issues that make Zero Trust elusive in OT. Yet some of the concepts of Zero Trust can help to improve the cybersecurity of OT environments.
Under a Zero Trust model, application access is:
- Granted only after identity is authenticated.
- Authorized only to specifically prescribed resources at the application and data level, not the network level.
- Adjusted based on context-derived risk, such as user, access level, device, time of day, network, geo-location, etc.
- Encrypted end-to-end.
- Monitored continuously and analyzed for changes to risk profile.
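As an added illustration that is not part of the original article, the following policy-decision code for a hypothetical OT remote-access broker shows how the identity, application-level authorization, context-risk and continuous re-evaluation properties above combine into one decision (end-to-end encryption is assumed to be handled by the transport). All user, resource, network and threshold values are constructed sample data.

```python
from dataclasses import dataclass, replace

@dataclass
class Session:
    user: str
    authenticated_mfa: bool   # identity proven with strong (MFA) authentication
    device_managed: bool      # device posture known and compliant
    source_network: str       # e.g. "corp-vpn", "internet"
    geo: str                  # country code of the client
    hour: int                 # local hour of the request, 0-23
    target: str               # application-level resource, e.g. "hmi-plant1:write"

# Constructed sample policy: authorization names application resources, never a
# network range. Users, resources and networks here are hypothetical.
AUTHORIZED = {
    "alice": {"hmi-plant1:view", "hmi-plant1:write"},
    "bob": {"historian:read"},
}
MAINTENANCE_WINDOW = range(8, 18)               # 08:00-17:59 local
TRUSTED_NETWORKS = {"corp-vpn", "eng-jumphost"}
EXPECTED_GEOS = {"US", "CA"}

def risk_score(s):
    """Context-derived risk: each adverse signal (device, network, geo, time) adds points."""
    signals = [(not s.device_managed, 2), (s.source_network not in TRUSTED_NETWORKS, 2),
               (s.geo not in EXPECTED_GEOS, 3), (s.hour not in MAINTENANCE_WINDOW, 1)]
    return sum(weight for adverse, weight in signals if adverse)

def decide(s):
    """Identity first, then application-level authorization, then context risk.
    Write access to an OT application tolerates no adverse context signal at all."""
    if not s.authenticated_mfa:
        return "deny", "identity not authenticated"
    if s.target not in AUTHORIZED.get(s.user, set()):
        return "deny", "not authorized for resource"
    r = risk_score(s)
    writes = s.target.endswith(":write")
    if r >= 3 or (writes and r >= 1):
        return "deny", f"context risk {r} too high"
    return "allow", f"context risk {r}"

def reevaluate(s, **changes):
    """Continuous monitoring: re-run the decision when session context changes and
    terminate an established session that the policy would no longer admit."""
    decision, reason = decide(replace(s, **changes))
    return ("terminate" if decision == "deny" else "continue"), reason
```

The same decision function runs at session start and on every context change, which is what turns a one-time login check into the continuous evaluation the list describes.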
However, Zero Trust doesn’t map well to OT environments, which rely on inherent trust, run many legacy applications, treat interoperability as an imperative, and are sensitive network environments.
Enter the SANS 5 Critical Controls for ICS Cybersecurity, which are purpose-built for OT. Many of the concepts illustrated by the SANS ICS 5 Critical Controls are shared with Zero Trust and can be translated into strong controls that protect our most critical infrastructure.
- Zero Trust’s strong authentication for remote access is represented by SANS ICS 5 Critical Controls #4, Secure Remote Access.
- Zero Trust data-level authorization and access control – easy in modern cloud applications – is difficult to achieve in OT applications that have evolved over several decades. Network segmentation and micro-segmentation, part of SANS Control #2, Defensible Architecture, is an OT-friendly approach to limiting access to OT resources.
- Continuous monitoring of access sessions is another concept of Zero Trust. SANS Critical Control #3, ICS Network Visibility & Monitoring, is key to monitoring remote access sessions, and also to monitoring the broader environment for any compromise that originates from a remote access session.