The first February meeting of the members of the Slovenian Corporate Security Association was dedicated to cyber security in OT environments with a special emphasis on industrial processes and security control systems. In practice, we perceive important security risks in these areas.

This time, we invited experts to the round table, who highlighted the issues from different angles. The guests were Mr. Dejan Dobrovoljc, Director of IT, Interblock d.d., Mr. Gordan Sket, IT Director at Akrapovič, Mr. Matjaž Demšar, Digital Industries, Siemens Slovenia, Mr. Aleš Ribič, Mr. Peter Ceferin, technical director of Smart Com and Mr. Žiga Podgoršek, Head of Information Security at ICS-Ljubljana. The event was moderated by the president of the association dr. Denis Čaleta.

At the beginning of the discussion, Mr. Podgoršek (Certified Ethical Hacker - CEH) presented a summary of the main findings and experiences from past security inspections of OT environments. In the following, we were able to hear a strategic view of the topic and an insight into international guidelines in this area. Special emphasis is placed on safety awareness of employees, which is one of the key factors of prevention in this area.

The participants of the event agreed that the successful participation of all stakeholders in this process is necessary for the successful management of cyber risks, both persons from the IT department or the information security department and the department in charge of physical and technical security and finally the industrial OT environment. Availability is especially important when talking about OT environments.

Regular security checks (static approach) and monitoring (dynamic approach) are also offered as possible solutions. It is important to connect Security Control Centers (VNCs) and emerging Security Operations Centers (SOCs). Cyber ​​security, however, must find a suitable place within a company’s organization.

Finally, we can give some recommendations from experts for the appropriate protection of OT environments:

Restrict access to the OT segment, which should be separate from the business network,

Restrict remote access to the OT segment,

Appropriate firewall configuration,

Segmentation within the OT network,

Update systems where possible,

Replace default or weak passwords

Use encryption protocols

Restrict access to the World Wide Web from IoT / OT devices

Physically protect IoT / OT devices,

Check that all settings are correct,

Search for security vulnerabilities and deficiencies through penetration testing and security inspections and monitoring.

Of course, the participants of the event also took an active part in the discussion, and this time they gathered in large numbers. In conclusion, dr. Čaleta invited everyone present to our next event, which will be on February 23, when we will host all the presidents of the regional associations that are members of the South-Eastern Europe Corporate Security Association (SEESCA).