When conducting a cyber security audit on an operation technology (OT) environment, there are several key areas that should be evaluated in order to identify and address potential security risks. Some of these areas include:
1. Network architecture and design: This includes evaluating the overall design of the OT network, including the placement and configuration of firewalls, intrusion detection/prevention systems, and other security devices. It also includes assessing the segmentation and isolation of different parts of the network, such as production and control systems.
2. Access control: This includes evaluating the procedures and technologies used to authenticate and authorise users and devices on the OT network. It also includes assessing the policies and controls in place for remote access, such as virtual private networks (VPNs) and remote desktop protocol (RDP) connections.
3. Asset management: This includes inventorying and tracking the devices, software, and other assets on the OT network. It also includes assessing the vulnerabilities and patch status of these assets, as well as the procedures in place for managing and maintaining them.
4. Monitoring and incident response: This includes evaluating the monitoring and logging capabilities of the OT network, as well as the procedures and technologies in place for detecting, responding to, and recovering from security incidents.
5. Compliance: This includes assessing the organisation’s compliance with relevant regulatory frameworks and standards, such as NIST SP 800-82 or IEC 62443, which are specific to the industrial control systems.
6. Third-party risk: This includes evaluating the security of any third-party providers, such as vendors and contractors, that have access to the OT network.
It’s important to note that the specific areas to look into for a cyber security audit will depend on the specific requirements of the operation technology environment and the compliance requirements of the organisation.
Australian Control Engineering is specialised in operation technology network audit, automation design and implementation for utilities industry. If you would like to learn more about our capability and understand how we can help you accelerate your results, please Contact us.