OT Cyber Security in the Connected Workplace

Solution Overview
Sep 18, 2020
By Christopher Revell

Device inventory combined with device monitoring tools and a service management platform brings orchestrated remediation to your OT devices.

 

Operational technology (OT) refers to a wide variety of physical devices, from devices that run our manufacturing plants to equipment in our power stations to life-saving medical devices. These devices used to be stand-alone, unconnected to any outside IT networks. That’s no longer true; these devices are connecting to our networks in unprecedented numbers. And, for our security, we need to protect them.

As more non-IT managed devices connect to the network, the risk of cyber security events becomes a real challenge for IT and Facilities teams. Nuvolo OT Cyber Security brings device data into network monitoring tools so IT, Security, and Facilities teams share visibility. They know where the device is, what it is, and can act on threats and vulnerabilities immediately.

Three Steps to Nuvolo OT Cyber Security

Nuvolo OT Cyber Security leverages your existing IT cyber security monitoring platforms by providing OT device inventory data and work order remediation. Here is our three-step process:

Step One: A Single Device Inventory

OT Cyber Security enables a comprehensive, accurate device inventory that uses a standard data format, allowing you to track assets and their locations easily. Knowing the devices in a facility, along with their locations, critical model identifiers, firmware, network attributes, and software versions, is necessary to secure them from cyber-attacks.

Step Two: Intelligence Hub to Bridge the Gaps

Nuvolo OT Cyber Security creates an intelligence hub that integrates the OT inventory data with device discovery and security vulnerability tools to bridge the gaps between the critical security insights provided by these tools. This allows for rapid device identification and correlation of devices to vulnerabilities.

Step Three: Orchestrated Remediation

Nuvolo OT Cyber Security provides automated remediation workflows that generate rules-based work orders with remediation or patching details and the device's location in the building. This workflow automatically assigns work orders to an appropriate clinical engineer, information security analyst, or IT resource and tracks the progress of the work order through completion.

Key Workflows:

  • Matching the device IP address and MAC address with the Nuvolo device database to identify the device type, where it’s located, what department owns it, etc.
  • Generating a rules-based work order with remediation or patching details and the device’s location in the building.
  • Auto-assigning the work order to an appropriate facilities engineer, information security analyst, or IT resource.
  • Tracking the progress of the work order through to completion.
  • Identifying all other devices on the network with the same vulnerability and automatically generating work orders for proactive remediation.

Key Capabilities:

  • Accurate Inventory — Track device details and operating system versions while monitoring location and IP address changes.
  • Integration with Real-Time Monitoring Systems — Generate security alerts for issues identified by real-time monitoring systems like Palo Alto Networks, Cynerio, Asimily, Ordr, CyberMDX, Medigate, and ServiceNow SecOps.
  • Vulnerable Device Identification and Matching — Quickly identify devices that match entries on vulnerability lists for remediation processing.
  • Automated Remediation Processing — Automate work order dispatching to fix issues identified by monitoring systems or security updates.