2023 ARC Forum: MSSP Strategies for OT Cybersecurity

Overview

Lack of resources is a global issue that plagues OT cybersecurity pro-grams.  It undermines efforts to monitor and sustain security hygiene and ensure proper governance of established security policies. It also prevents timely analysis and follow-up on vulnerability advisories and system security alerts. The net effect is that many of today’s facilities are operating with known security problems that leave them open to serious cyber attacks.

While companies have tolerated this situation, the risks are significantly growing.  The sophistication of today’s malware and attackers reduce the effectiveness of traditional defenses. Digitalization efforts are likewise creating new pathways for attacks. This situation demands urgent attention.

Some companies have been trying to address these resource gaps but are finding it hard to find qualified people with experience in OT environments.  Hiring restrictions and the extraordinarily high costs of cybersecurity professionals add to their recruiting challenges. Many are therefore looking to MSSPs to fill their resource needs.  To help these companies, a panel of end users shared their OT cybersecurity resource strategies in the  MSSP Strategies for OT Cybersecurity workshop at the 2023 ARC Forum in Orlando, Florida. 

ARC Frames MSSP for OT Cybersecurity Issues

ARC kicked off the MSSP Strategies for OT Cybersecurity workshop at the 2023 ARC Forum in Orlando, Florida with a brief presentation by ARC vice president and cybersecurity practice leader Sid Snitkin. It began with a brief overview of OT cybersecurity resource challenges and options companies must consider to alleviate their impact on security efforts.

A review of the activities that can be outsourced to an MSSP and common choices of the type of supplier followed.

ARC’s presentation concluded with some recommendations of things that companies should consider before engaging in an OT cybersecurity MSSP relationship. This includes:

What Kind of Company Should You Use for Cybersecurity Services?

• What services do you want to outsource? What’s their expertise and coverage in these areas?

• How familiar are they with your operations and control systems?

How Do You Select the Best Company for Your Needs?

• What criteria do you use to assess an MSSPs OT-specific cybersecurity capabilities?

• What OT-specific issues need to be included in contracts?

How Are You Going to Manage the Relationship?

• How will you measure/monitor performance given the unique operating constraints that exist in your facilities?

• How will you manage responsibility issues when they cross various automation vendors, security teams, and service providers?

How Are You Going to Allocate Responsibilities?

• Who does what considering the issues that can arise when certain tasks require on-site execution and coordination with operations?

• What rules do you need to establish to ensure that security work is performed in ways that are acceptable to operations?

ARC Advisory Group clients can view the complete report at  ARC Client Portal

If you would like to buy this report or obtain information about how to become a client, please  Contact Us

Keywords: ARC Industry Forum, Industrial Cybersecurity, Managed Security Service Providers, ARC Advisory Group.