Aperture Podcast: Tony Baker on OT Cybersecurity Challenges, CIP Security
By Michael Mimoso | Aug. 12, 2021
Rockwell Automation Chief Product Safety and Security Officer Tony Baker has a unique perspective into the cybersecurity challenges ahead for operational technology, regardless of industry.
Those challenges are rooted in a number of familiar circumstances, including the sometimes exhausting, long lifecycle of some industrial products, and struggles in distributing software patches and firmware updates that require downtime in many cases to apply.
Baker makes an appearance on the latest episode of Claroty’s Aperture podcast and describes how this dynamic distinctly contrasts with shorter product turnover times on the IT side, and more mature vulnerability management programs.
“I think if you look at the major automation players and vendors, a lot of them have been evolving their technology platforms to make use of security best practices. I think the difference is how quickly that translates into the install base being able to leverage it,” Baker said.
“In ICS or OT, we could create the next greatest and most secure controller, but if you look at the install base, that’s going to take a long time for that to trickle and be prevalent throughout,” he said. “I think that’s one of the biggest challenges we see is that lagging nature, that no matter what we do on the front end, it’s going to take a long time to trickle through.”
Baker and his office at Rockwell are responsible for product security, and understanding what technologies can break through those barriers. One he covers in the podcast is CIP Security, a specification developed in 2015 that adds device authentication, data integrity, and confidentiality to EtherNet/IP (ENIP) networks.
The security extension ensures secure communication between control systems and devices. This enhancement to the Common Industrial Protocol allows CIP-enabled systems to defend themselves against malicious CIP-based communication. As attacks evolve and more industrial networks are connected to the internet and managed remotely from the cloud, message integrity between devices becomes indispensable, Baker said.
Other topics covered in this episode of Aperture include:
Some of the gaps OT network defenders are dealing with in terms of resources and funding
The short- and long-term impact of the high-profile attacks that have dominated headlines in 2021
Security challenges brought on by converged OT/IT networks
The prescriptive nature of U.S. government action in response to the Colonial, JBS, and Oldsmar breaches.