If you’re responsible for maintaining the integrity of mission-critical infrastructure, such as communications networks, power grids, first responder services or transportation networks, you know that keeping systems safe is of vital importance, as these networks are imperative to upholding public safety and our economy.
But, regardless of the industry you’re in, the increasingly complex and interconnected nature of business operations has made networks — and devices and people connected to them — vulnerable to malicious attackers looking to exploit them for economic gain.
One of the ways to best protect these high-value targets from cyberattacks is to partner with a cybersecurity vendor who can help eliminate vulnerabilities. Yet, in a market saturated with providers who all claim to have the silver bullet, selecting the right solution can be a daunting task. Knowing where to turn, and who to trust, isn’t always clear.
This is the first of a two-part series aimed to help you identify and select a strategic cybersecurity partner. Let’s start with the three key questions you should be asking, to evaluate if a solution will best meet your unique security needs.
- Does the solution impact our day-to-day business and operations?
In order to properly safeguard a business, many organizations believe that there will be some hit to operations, whether at a network-, technology- or end-user level. The adage, “No pain, no gain,” comes to mind, with companies assuming that deploying air-tight security processes causes some discomfort along the way.
But as you know, the technology and systems working hard behind-the-scenes to power your business cannot afford to be impacted. Downtime is simply not an option.
All of the operational technology (OT) systems that are now connected and inter-connected across the internet are making your networks vulnerable to possible attacks, which could result in a breach and the downtime you’re working hard to avoid.
Look to partner with a vendor that provides network and endpoint security that is not only compatible with other cybersecurity products, but also with minimal changes to the current operational environment. The best approach is commonly known as a network overlay. This type of solution doesn’t require the reconfiguration of legacy devices or current systems, operates on any transport (wired, WiFi, wireless broadband, satellite, etc.) and eliminates the need for the installation of agents onto controllers or Industrial Internet of Things (IIoT) sensors, where applicable.
- Can we take a phased deployment approach?
In addition to minimizing the operational impact of securing legacy systems, an overlay approach brings the added benefit of being deployed in stages. Initial deployments can focus on protecting legacy or other devices with known vulnerabilities and other system segments can be scheduled based on your individual needs. A phased approach or evolutionary deployment leaves you in control of your software and devices, rather than be driven by a set of policy or infrastructure changes that alter how your systems operate, and eliminates the burden on IT.
Many network security solutions require lengthy pre-deployment policy definitions and configuration setup prior to the introduction of security improvements. The overlay approach can enable almost immediate benefits that grow with scheduled rollouts. With an overlay approach, you stay in total control.
- Is the solution compatible with network protocols?
For enterprise operations, it’s important to partner with a cybersecurity provider that supports the protocols that power your existing networking communications, whether TCP/IP, UDP, ATM or frame relay. Industrial systems, on the other hand, use unique network protocols which are designed for localized communications and differ from enterprise IT networks which widely communicate with other parties of all types. These industrial protocols conflict with typical enterprise security solutions, which require substantial and costly modification to support an industrial control system (ICS) environment. Look for a cybersecurity solution that doesn’t impact your current system protocols. Even better, one that is operationally compatible with all industrial IEEE 802.3 protocols.
Stayed tuned for part two of this discussion, which will highlight more questions to ask during your security solution search. In the meantime, to find out how Blue Ridge Networks helps isolate and secure industrial control systems from cyber vulnerabilities, download our solution brief or contact us today.