Reliable, safe access to water plays an essential role in modern life. Now more than ever, amid the current global pandemic, cyber attacks against critical water infrastructure have high potential to cause significant disruption and public health risk. A combination of legacy systems, inherently geographically dispersed operational technology (OT) environments, and growing connectivity to more users and IT systems can put water utilities at risk of cyber attacks that can disrupt our access to safe water.
Reflecting the increased cyber risk to OT environments, for the first time in its dozen years of publication the Verizon Data Breach Investigations Report (DBIR) for 2020 examined how its findings impact not just IT security, but OT security as well.
In our work with many of the leading water utilities around the world, three of the top challenges we see clients face include:
Lack of asset visibility: Water utilities can have hundreds of miles of pipelines and several pumping stations, water treatment plants, and storage and distribution systems located across the area they serve. The large physical footprint, combined with often rapidly growing infrastructure to support population and business growth, can result in inconsistent documentation of OT assets and a lack of the full visibility into the OT environment needed to detect potential threats and vulnerabilities and mitigate risk.
Remote, unmanned facilities: Pumping stations and other facilities are often unmanned. Employees and third-party vendors remotely access these systems to perform maintenance and gather operational data. Systems, switches, and controllers may be compromised if the authorized parties' systems are infected with malware, their access credentials have been stolen, or they otherwise don't uphold adequate security hygiene. Further exposing these systems to risk, many water providers have no way to ensure that only authorized parties are accessing appropriate systems and making agreed-upon changes.
Compliance with new regulations: Under America's Water Infrastructure Act (AWIA), utilities that provide drinking water must conduct risk and resilience assessments and revise emergency response plans. These changes require a detailed understanding of the OT network in order to meet the U.S. Environmental Protection Agency (EPA) deadline in 2020, but many water providers lack the visibility and data to comply with the mandate.
Water utilities are deploying the Claroty Platform on top of their existing infrastructure to address these challenges.
Leveraging Claroty's Continuous Threat Detection (CTD), IT security, network, and OT teams can gain granular details of all assets, sessions, processes, and corresponding risk levels, to identify threats and vulnerabilities in the OT network to mitigate risk and assure continued operations of critical processes.
Claroty Secure Remote Access (SRA) safeguards OT networks from threats introduced via unmanaged and unmonitored access by remote users, including employees and third-party vendors. Staff and third parties can access systems to do their jobs from wherever they are, while security teams have granular control, the ability to audit access, and additional levels of security, such as password vaulting, to enforce stringent security hygiene and mitigate risk. Unauthorized access is immediately blocked, and unusual network activity triggers an alert to the team.
The Claroty Enterprise Management Console (EMC) simplifies management at scale, consolidating data from Claroty products and providing a unified view of assets, activities, and alerts across multiple sites. The Claroty Platform also integrates seamlessly via the EMC with IT security infrastructure so all teams can use the solution to strengthen security – lowering total cost of ownership (TCO) while maximizing return on investment (ROI).
Together, these solutions also give water suppliers the capabilities they need to conduct risk and resilience assessments to comply with the new AWIA mandate.
As we continue to enhance our solutions, the latest releases deliver even greater visibility and accessibility to all users. Expansions to protocol coverage, as well as to the level of detail provided at the asset, network, and process levels, further enhance visibility. Meanwhile, fully customizable dashboards enable users to more easily filter, pinpoint, and act on the information most critical to their priorities.
The security and reliability of critical infrastructure—such as water, power, and telecommunications—is more essential than ever amidst the current global pandemic. In recent weeks, we've all gained a greater appreciation for operational uptime and availability of vital services and the capability to quickly and safely pivot to support a surge in workers who need to work from home. We've also learned that while there are few constants in our lives, the need for a safe, reliable supply of water will never waver.