The usage and connectivity of operational technology (OT) is rapidly growing as are the number of cyberattacks on OT environments. These attacks can disrupt operations, causing damage that can reach far beyond revenue and reputation to supply chain, human safety and critical infrastructure.
To help companies keep their OT environments secure, Palo Alto Networks launched what it claims is the most comprehensive Zero Trust OT Security solution.
A key component of the solution is the new cloud-delivered Industrial OT Security service, which can be easily enabled — without the need to install additional sensors — by any of the 61,000+ active customers of Palo Alto Networks network security products: hardware and software Next-Generation Firewalls (NGFW) and Prisma SASE. Built on an AI-powered foundation with ease of deployment in mind, the new solution enables customers to secure their OT environments from the most sophisticated threats while simplifying their operations.
The challenges around security OT
OT devices can be hard to secure because many lack built-in security and were not designed to be patched. In addition, high uptime requirements limit the ability to do regular security maintenance. OT environments are also at risk as organisations adopt new technologies like 5G, which enable mass connectivity, and open up remote access.
“Most OT security solutions in the market fall short because they can’t identify all the assets and can only alert but don’t prevent threats. This leads to a patchwork of siloed security technologies, which can lead to security gaps,” said Anand Oswal, SVP for network security at Palo Alto Networks. “Our OT Security solution is designed to help organisations stay secure through granular visibility and effective inline security while meeting their availability and uptime requirements.”
Implementation
Using the industry’s first ML-powered OT visibility engine, the Industrial OT Security service recognises hundreds of unique OT device profiles, and over 1,000 OT/Industrial Control System (ICS) applications, and has hundreds of distinct OT threat signatures to help protect these hard-to-secure assets.
“As industrial OT systems and IT systems become more interconnected, so does the size of the attack surface available to the adversary. Defending against increasingly sophisticated threats requires expanded security strategies that can provide visibility, context, and Zero Trust capabilities across both OT and IT networks, devices, applications, and users,” said Dave Gruber, principal analyst, Enterprise Strategy Group. “The Palo Alto Networks solution embraces this unified security model, promising to help protect complex OT environments.”
A notable feature of the service is its ability to help security teams proactively understand risk and apply controls. It continuously observes, categorises, and visualizes asset behaviour so anomalies can be discovered immediately and addressed with a firewall policy.
“Manufacturing has come into the crosshairs of many recent cyberattacks. Palo Alto Networks Industrial OT Security is a must-have to ensure security best practices are in place,” said Jared Mendenhall, director of information security at Impossible Foods. “We look forward to Palo Alto Networks’ dedicated OT Security solution to help us further secure our manufacturing plant, and remote operations, and realise our broader Zero Trust vision.”
Palo Alto Networks’ Zero Trust OT Security solution secures multiple OT use cases with consistent Zero Trust policies, all managed centrally:
- OT assets and networks using Palo Alto Networks NGFWs, along with the new Industrial OT Security service.
- Remote access using Prisma SASE.
- 5G-connected devices using NGFWs with Palo Alto Networks 5G-Native Security.