Zero Trust: 3 questions for ... Fortinet
Access only to the extent absolutely necessary
A rethink is taking place in companies: In addition to IT security, OT security is increasingly becoming the focus of those responsible. Mirco Kloss from Fortinet explains the role played by the 'Zero Trust' approach.
Mirco Kloss, Business Development Manager Operational Technology DACH, at Fortinet.
What consequences does the Zero Trust approach have for the architecture and organization of network security?
Kloss: On the one hand, Zero Trust introduces an additional layer of protection between operational assets and potential attackers. Secondly, Zero Trust limits user access to what is absolutely necessary. In other words, even with compromised accounts, attackers can only access a small part of the company data.
However, an effective Zero Trust Access (ZTA) policy must use secure authentication: Two or more factors for authentication create additional security in the fight against cyber threats. CISOs must ensure that these processes do not become too complex and time-consuming - ZTA solutions with single sign-on are a sensible approach here.
And finally, ZTA enables significantly better transparency and management options within a network - or even across networks.
What particular challenges does Zero Trust pose for OT environments?
Kloss: Many companies are now not only thinking about securing their own IT networks, but are also focusing on OT networks. OT environments usually comprise physical devices connected to the network, which in the past were isolated from the outside world by air gaps. However, with the increasing use of IIoT devices, OT environments are now reliant on digital connectivity to handle the processing of large amounts of data. This inevitably leads to an expanded attack surface.
The connectivity of the devices used therefore plays an important role in implementing an effective Zero Trust policy. This is because most IoT devices are not designed for security and have neither conventional operating systems nor sufficient computing power or memory to incorporate security functions.
OT environments must therefore be able to quickly detect and neutralize security threats to avoid operational downtime. On the one hand, this means loss of earnings, but in the worst case - for example in the event of attacks on critical infrastructures - it can even lead to the loss of human life.
What should companies bear in mind when implementing a Zero Trust architecture?
Kloss: The focus should be on protecting key assets as much as possible while enabling secure and continuous operations that prioritize speed, scalability and the longevity of the OT system.
One of the most important steps towards this is micro-segmentation in the production area, i.e. dividing the production environment into the smallest possible units. This allows those responsible for security to control each network and each production line separately - and even in the event of a successful attack, minimize the damage by reacting quickly. The security systems must also create a virtual air gap between OT and IT in order to protect them from threats and contain their effects.
In addition to a detailed inventory of current IT and OT security, companies should also focus on their employees - because people are still the biggest source of errors. With special training and the development of knowledge within the workforce, companies are already preventing one of the most common gateways.
Fortinet at the SPS 2021: Hall 6, Stand 259










