Harden Critical Infrastructure Environment
There are so many different steps or processes that an organization can follow to harden their OT environment as much as they possibly can, according to Rob Cataldo, managing director of Kaspersky North America. Events like the Colonial Pipeline ransomware attack are an eye-opener for large critical infrastructure organizations that want to ensure their controllers are hardened as much as possible.
Organizations need to see their own security posture through the lens of an adversary by conducting security assessments and penetration tests against themselves, Cataldo said. Companies must examine their internal practices around governance as well as their internal tools to ensure they’re mitigating targeted threats going forward, according to Cataldo.
An in-house security operations team can provide organizations with the proper people, processes and internal tools to properly defend themselves and detect threats early, Cataldo said. Businesses trying to be economical can outsource security operations functions to an MSSP, which will be tasked with stopping the same events from happening time and time again, according to Cataldo.