OT asset management insights
- OT asset management is being used to help give insight to a company’s OT systems and is underused in the industry.
- This helps with security, safety and compliance.
- To have an effective OTAM, businesses must implement physical inspection information, passive monitoring methods, configuration analysis and active discovery techniques.
The terms “OT asset management” (OTAM) and “OT asset visibility” are often used interchangeably in the operational technology (OT) cybersecurity industry, mostly because there is not a clear definition between the two.
Today’s traditional OTAM is often considered complete by passive monitoring solutions, which only have visibility into actively connected devices. However, The NIST 800-82 Special Publication, Revision 3 defines OT asset management as: “The ability for organizations to properly and consistently identify and consistently manage data, personnel, devices, systems and facilities based on their relative importance to provide the foundational capability to support an organizational cybersecurity program.”
According to this definition, OTAM goes beyond OT asset visibility and OT asset detection by requiring action. Asset visibility is an indispensable aspect of industrial cybersecurity, but it shouldn’t be the end goal. Fusing OT asset visibility with asset management sets security teams up for success to identify, monitor, and manage their OT assets and infrastructure.
The current state of OT asset management
Asset management is one of the most undervalued activities in the OT space. According to a Ponemon Institute report, only:
- 45% of respondents say their organizations are effective in discovering and maintaining an inventory of all devices attached anywhere on the OT network throughout the asset lifecycle.
- 29% of respondents say that asset discovery and management is used as a means to protect the ICS environment.
- 41% of the respondents say that asset management solutions are part of their top three investment priorities.
Why do you need OTAM?
Critical infrastructure organizations need to ensure the safety of employees and the public, create an effective cybersecurity program and prepare for future regulatory requirements. OTAM empowers security teams to identify, monitor and manage changes for every OT asset in their infrastructure.
- Safety: In OT environments, digital assets impact the physical world. OTAM helps ensure safety if an unintended or unauthorized change occurs in a device or system.
- Security: Accurate asset data and security baselines are the foundation of a strong cybersecurity program. Historizing asset changes also provides a template for backup and recovery if an incident does occur.
- Compliance: Having an OTAM foundation in place helps you prepare for future compliance regulations that could affect your industry.
OT asset management requires automation and monitoring
To implement true OTAM effectively, security teams need an automated approach to identify, monitor and manage every asset and document appropriate changes, regardless of their connected state. Having a single source of truth for your asset base that includes configuration and change management enables a centralized cybersecurity program that can include vulnerability and patch management, version control, security baselines, risk assessments, incident response and compliance reporting.
Where to start
For effective OTAM, teams need to implement various techniques in gathering multiple sources of OT data: physical inspection information, passive monitoring methods, configuration analysis and active discovery techniques.
A simple way to achieve OTAM is to use a single tool that offers asset visibility and management in one place, and can support all four data collection options. The OT landscape is becoming increasingly complicated. Gaining situational awareness through asset visibility and successfully executing asset management can future-proof your OT cybersecurity program to withstand the compliance and security challenges to come.
Original content can be found at Industrial Defender.
Do you have experience and expertise with the topics mentioned in this article? You should consider contributing content to our CFE Media editorial team and getting the recognition you and your company deserve. Click here to start this process.