When shopping for a new car, you probably have some basic requirements like space for four passengers, some extra room for groceries, and the basics like airbags, a radio, and air conditioning. You’d take a trip to the car dealership and work with their salesperson to find and buy a car that checks all your boxes.
Now imagine if, after driving the car for a few days, you realize that almost half of the car’s features are disabled! If you loaded the car with people and groceries, the airbags wouldn’t function. Or, to get the air conditioning to work, you have to disable the radio.
What’s this got to do with automation systems cybersecurity? If you’re in the buying process for a solution that protects OT and IoT environments, then knowing that a provider’s security is always fully on, is very important. Without that, you could miss significant indicators of malicious activity, and risk a security breach or downtime.
Ask the Right OT Monitoring Questions
Let’s go back to the car buying analogy. After determining the car for you, you proudly start driving it around. But, as soon as you realize that almost half of the car’s features are disabled, you return to the dealership for help.
They tell you that yes, you do have those features you paid for, just not all of them at the same time. To make things even worse, there’s no logic for which features work when other features are being used. If you want more than half of the car’s features to work at the same time, you need to buy a bigger, more expensive model!
For those considering which industrial cybersecurity product to purchase, there’s a big lesson to be learned here. In many cases, information gathering consists of asking vendors yes and no questions. Rarely does anyone daisy-chain those question to ensure a ‘yes’ can coexist with another ‘yes’.
The Importance of “Always On” Security and Visibility for OT/IoT Environments
At Nozomi Networks, we believe in “always on” OT security. When we say we monitor x number of protocols, that means we support all of them, all of the time. You don’t need to pick and choose what to monitor in order to get the system to work. Everything gets monitored from our entire list of supported protocols. All of the time.
Why is this important? Because customers buy OT security products to learn what’s happening on their network and what security and reliability risks they have. It makes no sense to expect asset owners to know 100% of the OT, IoT and IT protocols in use today, or that will be in use tomorrow.
It’s our job to tell you what’s there, not the other way around. When the future arrives and new protocols are introduced to your environment, we’re ready to see them, and alert you of their presence. You shouldn’t have to predict the future of your network, just like you shouldn’t have to predict which features of a car you need to work together.
If your cybersecurity product isn’t always monitoring for new protocols, you’ll miss what could be potentially significant indicators of unwanted or malicious activity. This false sense of security can create blind spots for attackers to hide in, and lead to a security breach or downtime.
It’s important to be ready for the present and the future by always monitoring all of the protocols, all of the time. Just like having the air bags in your car always on, you want comprehensive protocol monitoring of your control networks always on.
To find out how the Nozomi Networks solution delivers “always on” security and visibility for OT and IoT environments, simply request a demo.