Our Platform

    Protect and safeguard your OT network and operations with the industry's most advanced, most capable cybersecurity platform.

    Learn More

      icon for visibility

      Asset and Network Visibility

      Discover and visualize every asset and every network connection in your OT environment.

      icon for policy enforcement

      Policy Enforcement

      Segment your network and enforce granular policies for true Zero Trust cybersecurity.

        icon-alert

        Anomaly and Threat Detection

        Identify unexpected or unauthorized activity, from Level 0 signals to cloud connections.

        icon for signal integrity

        Signal Integrity Validation

        Monitor physical process signals to detect threats and prevent system damage.

          Mission Secure Platform Overview

          Learn More

            Industries

            Keep your organization secure against cyber threats and take control of your OT network.

            View All Industries

              A Comprehensive Guide to Maritime Cybersecurity

              Learn More

                Resources

                Find helpful OT and ICS cybersecurity resources, guides, and downloads.

                View All Resources

                  eBook: A Comprehensive Guide to OT Cybersecurity

                  Read More

                    About Us

                    Our team of world-class OT, IT, and cybersecurity experts are setting the standard in OT cyber-protection.

                    Learn More

                      Cyber Risk: From a Hacker's Point of View

                      Listen Now
                        4 Min Read

                        Protecting OT Networks and Safeguarding Critical Operations

                        Written by Mission Secure

                        Protecting OT Networks and Safeguarding Critical Operations featured image

                        October is National Cybersecurity Awareness Month (NCSAM). The annual collaborative effort between government and industry aims to raise awareness about the importance of cybersecurity and ensure all have the resource to be safe and secure.

                        Led by the United States’ Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), this year’s theme—Do your part. #BeCyberSmart— encourages individuals and organizations to own their role in protecting their part of cyberspace, stressing personal accountability, and the importance of taking proactive steps to enhance cybersecurity. At Mission Secure, cybersecurity is what we do. In support of NCSAM 2020, we’ve put together short “Interview Bytes” to discuss cybersecurity from an operational technology (OT) and industrial control system (ICS) perspective.


                         

                        Interview Bytes |Week 4: The Future of Connected Devices.

                         

                        “It’s just a crazy attack surface and exploits. It’s ‘an ounce of prevention is worth a pound of cure’ type situation.”

                        Autonomous vehicles, drone delivery, smart cities, AI, and machine-learning—the outlook of connected devices and a more interconnected existence look nearly certain. But how can we achieve new technological heights while staying secure?

                        As operations across industries digitally transform, they leave critical operational technology (OT) networks exposed. In the final segment in our National Cybersecurity Awareness Month series, Ed Suhler, VP of Defense Services, Mark Baggett, VP of Industrial Control Systems, and Weston Hecker, Ethical Hacker, share their words of advice for protecting critical operations today and into the future.

                        Question: What are some words of advice to protect critical operations from cyber threats?

                        From a Defense Perspective | Ed Suhler, VP of Defense Services: Don’t rely on outdated ways of thinking about cybersecurity to protect you. Air-gapping doesn’t work anymore. And make sure that the critical things you make sure work in your environment will work in the face of a threat.

                        From a Commercial Perspective | Mark Baggett, VP of Industrial Control Systems: I second that to say, know who’s on your network and what they’re doing. If you don’t have a view into your network, I can guarantee you’ve got people on there that you don’t know are there.

                        From a Hacker's Perspective | Weston Hecker, Ethical Hacker & Cyber Evangelist: Especially with everyone having their Internet of Things devices, a smart light bulb or things like that unnecessariness that needs to be plugged into a network, and with the rise of a small computer in your pocket—everybody has their iPhones or Android phones—you have a huge attack surface. And just with some of those, I’ve seen several proof-of-concepts where people are able to compromise an Android device. And then, it basically goes around compromising everything that it wirelessly comes in the range with. It’s “an ounce of prevention is worth a pound of cure” type situation.

                        The Future of Connected Devices: Protecting OT Networks and Safeguarding Critical Operations

                        The business case today for continuing to modernize OT is the same as it has been for more than 200 years: getting things done faster, more safely and efficiently, and at a lower cost. The benefits of OT investments cannot be overstated. Historically, OT has been one of the great contributors to improving quality of life by enabling the economical and safe delivery of clean water, energy, and wastewater treatment, as well as the production of many of life’s manufactured staples.

                        It is therefore not surprising that OT functionality is finding a wider audience beyond its traditional industrial base. The benefits of monitoring and controlling our physical environment are increasingly attractive to commercial enterprises, governments, and even consumers. But the cybersecurity concerns associated with OT have never been higher as the ability to isolate OT systems becomes increasingly difficult.

                        For organizations across industries, critical infrastructure, and national defense, the ultimate goal is cyber resiliency—to ensure the safety and security of operations in the face of a cyber-attack. It’s a task made difficult with the IT/OT convergence and the rapid adoption of new, emerging technologies. But one that organizations must achieve as they look to the future of connected devices and the protection of their critical OT networks and operations.

                        Tip of the Week: An ounce of prevention is worth a pound of cure. Protecting OT networks today is safeguarding operations against tomorrow’s cyber threats.

                        Do Your Part. #BeCyberSmart

                        Throughout October, industry experts and an ethical hacker shared their insights into today’s cyber risks, new vulnerabilities, heightened impacts, and recommendations for protecting critical OT networks and operations. Catch up on the series:

                        Week 1: Threats to Critical Infrastructure & Industrial Operations

                        Week 2: Words of Wisdom from an Industrial Ethical Hacker

                        Week 3: Cyber-physical Vulnerabilities: New Threats and Impacts

                        As technology continues to transform organizations, it is more pertinent than ever to reassess cybersecurity best practices, especially in protecting cyber-physical processes and systems. As Gartner poignantly states, “A focus on ORM – or operational resilience management - beyond information-centric cybersecurity is sorely needed.”

                         


                        About the Speakers:

                        Ed Suhler currently serves as the Vice President of OT Cybersecurity Implementation Services at Mission Secure, where he focuses on implementing Mission Secure’s patented technology to secure client operations from cyber risks. Ed often leads as the technical project manager for customer engagements, including Fortune 10 and 1000 clients in oil and gas, maritime, smart cities, and defense industries. Ed cybersecurity projects cover a range of control systems and critical assets, including transportation management systems, power distribution systems, and unmanned aerial systems (UAS) for the U.S. Navy. Ed holds five patents for applications of cyber protections to cyber-physical systems and has filed additional patents on his research efforts on system-aware cybersecurity methods and techniques. He’s authored numerous white papers on the application of system-aware cybersecurity and its use in industries such as transportation, oil and gas, autonomous systems, and electrical distribution systems. Ed holds a Bachelor of Science in Management and Management Information Systems from the University of Virginia.

                        Mark Baggett has over 30 years of experience and is an industry veteran and industrial control systems (ICS) expert. His expertise stems from the energy sector, where he’s designed, engineered, and implemented control systems for the industry’s biggest players, including BP, Total, Shell, Exxon, and ConocoPhillips, among others. Mark’s experience spans the globe with ICS projects across Europe, Asia-Pacific, and North America. As VP of ICS at Mission Secure, Mark leverages his expertise to help operations assess current systems, vulnerabilities, and potential attack vectors, providing guidance and recommendations to mitigate cyber risks and implement a secure cyber architecture. Mark’s managed cybersecurity projects for oil rigs, refineries, pipelines, manufacturing plants, and chemical facilities. He’s routinely invited to speak on ICS cybersecurity, most recently presenting at the SCADA Technology Summit and AIChE’s 2020 Spring Meeting. Mark holds a bachelor’s degree in Secondary Education and frequently teaches control system training courses at San Jacinto College located in Pasadena and Houston, Texas.

                        Weston Hecker contributes a wealth of cybersecurity expertise as a cyber evangelist and ethical hacker with over 17 years of pen-testing and 14 years of experience in cybersecurity research and programming. Weston’s found several software and firmware vulnerabilities, including Microsoft, Samsung, HTC, and Verizon. He works with organizations on their cybersecurity strategies, including leaders in oil and gas, chemicals, maritime, and defense sectors.

                        A regular on the cybersecurity circuit, Weston’s delivered over 50 presentations ranging from industry-leading events to regional conferences and universities. Notable events include Blackhat, Defcon, ISC2-Security Congress, SC-Congress, BSIDESBoston, and TakedownCON. Weston’s work with universities includes projects and training such as the “Hacking Oil Rigs for Profit” event at the University of Houston. He’s also working on a major university’s project with the Department of Homeland Security on 911 emergency systems and attack mitigation. Weston attended school in Minneapolis, where he studied Computer Science and Geophysics.

                        Topics:

                        Interested in learning more? Send us a message.