Test, Assess, Defend:

Strengthening IT-OT Networks with

Robust Cybersecurity Assessments
Effective cybersecurity requires a combination of tactical and strategic
measures to minimize security risks across different layers of an environment,
encompassing both OT and IT systems. To fully protect critical infrastructure,
rigorous security testing is essential—ideally based on frameworks that mirror
the behaviours of advanced attackers.

F R O S T & S U L L I VA N E X T E N D E D B R I E F
The contents of these pages are copyright © Frost & Sullivan.
All rights reserved. frost.com
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 2

Examining the Must-Haves of a Complete

Security System
Building a Foundation: Scoping out vulnerabilities and gaps
During the past decade, information technology (IT) and operational technology (OT)
environments have been converging as part of global digital transformation.

For organizations with centralized monitoring systems and tools, systems dedicated
to examining converged OT/IT systems are crucial to bridge the gap between physical
and cyber security. With enhanced interoperability between IT and OT systems comes
not only streamlined process improvements, but also new challenges: outdated OT
hardware may bring a network of poorly secured access points into the IT ecosystem,
which introduces new vulnerabilities to the attack surface. This convergence opens
up opportunities for innovative and covertly disguised cyberattacks that can mean
disastrous damage for enterprises at large.

To understand what an enterprise’s IT and OT security team might

be missing, it is important to analyze the starting point: What are
the gaps and vulnerabilities in a company’s existing IT and OT
infrastructures and, conversely, the associated security tools?
To produce security systems that can withstand the exploitation of technical
vulnerabilities, rigorous security testing is needed to fully assess and improve existing
preventative measures.
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 3

The security threat landscape has grown

tremendously in the past few decades; now
more than ever, IT and OT teams must be
sufficiently equipped with the tools, knowledge,
and programming needed to ensure effective
company-wide protection. Common threats and
countermeasures for industrial control system
security include the following:

f Infiltration of malware via removable media

and external hardware
f Malware infection via internet and intranet
f Human error sabotage
f Extranet and cloud components
f Social engineering and phishing
f DDos attacks
f Vulnerabilities in control components connected to the internet
f Intrusion via remote access
f Technical malfunctions and force majeure
f Smartphones in the production environment

In an expanding cybersecurity threat landscape, end-to-end security is

essential to ensure the future of digital factories and to fortify a strong
ecosystem for overall business success.

A blueprint for assessment-led cybersecurity design

The number of security vulnerabilities can increase daily, making it difficult for security
teams to keep up. Cyberattacks can pose great risk to an enterprise’s manufacturing
processes as well as internal and external operations, leading to potential disruption in
business operations, continuity, and product quality. Enterprises must understand the
criticality of their potential exposure to cyber-risks so they can properly protect against
and mitigate them. Furthermore, systematic and regular security risk management
and investigation are crucial for businesses to successfully align with global security
standards (such as ISO 27001) and local cybersecurity laws. Compliance is necessary
to ensure a successful future of business operations and growth.
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 4

Organizations are no longer safe without

full visibility into the security status of
their OT and IT environments, including
a view of their threat landscape in its
entirety. Effective security detection
requires an assessment-led process
that identifies threats and vulnerabilities
using tailored penetration testing that
accounts for realistic security attacks. A
factory status analysis includes a holistic
assessment of an enterprise’s current
state and provides insight into future
needs, recommendations, and mitigation
measures, if necessary. The factory status
analysis includes four phases.

Phase I - Definition and Scoping of Assessment: The enterprise provides

the documentation and infrastructure overview needed to define scope,
attack paths, and worst-case scenarios.

Phase IIa – Friendly Hacking Analysis: Assessments verify the

effectiveness of technical security controls, including the verification of
both existing and newly identified attack paths, and evaluate the full
impact of risk exposure.

Phase IIb – Organization and Process Analysis: Identifying the underlying

processes and roles in place uncovers the root causes of security issues
detected through friendly hacking so that sustainable improvements can be
made rather than only fixing symptoms.

Phase III – Definition of Mitigating Measures: To close off an effective

analysis process, enterprise-wide alignment of assessment results is
necessary. This includes defining and aligning recommended solutions
to close gaps, fortifying existing vulnerabilities, and advancing the
implementation of a comprehensive cybersecurity roadmap.

A phased approach is critical to both understand the root causes of potential threats
and to solve risk exposure through as many avenues as possible. The next section
discusses the importance of aligning assessments with the behaviors and strategies
that contemporary hackers employ to ensure maximum effectiveness and real-world
application.
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 5

Identifying Baselines With

End-To-End Testing Strategies
Leveraging assessment frameworks curated for industrial assets
Penetration testing must work within a framework built from the ideas that
contemporary hackers employ to compromise weak environments. Both friendly
hacking analysis and organization and process analysis are critical to understand the
full scope of an enterprise’s potential security gaps and resulting risk exposure.

Friendly hacking analysis typically varies between penetration tests and Team Red
assessments. When paired with vulnerability assessments, it provides a holistic and
robust assessment.

1. Vulnerability Assessments: A tool-based approach to identify flaws and reduce

the attack surface
2. Penetration Tests: A tool-based approach paired with manual testing to identify
security gaps, validate attack paths, and reduce the attack surface by implementing
mitigation measures
3. Team Red: An emulation of real-world attackers to test the security operation as a
whole, making visible the full impact of existing security vulnerabilities and testing
the compromise-ability of the most crucial data and systems
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 6

Organization and process analysis are just as integral to successful cybersecurity and
can cover the following areas, depending on scope and individual relevance:

f Asset Management
f Availability Management
f Security Operations
f Physical Security
f Network Security
f System and Application Security
f Access Control
f Supplier and Service Provider Management

Using this multi-pronged approach and assessment topics for both

software and hardware, each focus area offers a unique vantage point
from which enterprises can properly examine verified risk and take
measures towards managing systems and strengthening security
across (and integrated through) IT and OT teams.

THE SIEMENS APPROACH

The Siemens approach to penetration testing gives organizations full

transparency into all possible threats on any attack surface and any vulnerable
process gap at risk of exploitation.

This testing approach supports current operational processes in maturing into

secure systematic approaches, then ensuring compliance with security standards,
regulations, and local cybersecurity laws.

Finally, Siemens’ penetration testing and assessment work across both IT and OT
environments to offer organizations a unique view at this convergence point. It is
insufficient to discover gaps only in OT security when attackers may enter from IT,
making it crucial to test from this distinctive vantage point.
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 7

Coming full circle: From threat transparency to process maturity

Rigorous assessments that factor in contemporary cyberhacking techniques can help
validate the assessment approach and offer recommendations to close any gaps.
Recommendations offered by the last phase (defining mitigating measures) consider
both criticality and budget to effectively implement and align a security roadmap.
Process maturity is central to this approach – it is crucial to consider the long-term
scope of cybersecurity in addition to the quick wins during daily operations.

As critical as the assessment period is, the implementation of mitigation response,

data backup and restore, and business continuity plans must become an enterprise’s
holistic focus when looking to ensure sustainable cybersecurity. Further, a disaster
recovery plan must be part of this mission. With Siemens’ three-pronged approach of
definition, assessment, and implementation, IT and OT teams can feel prepared and
fully equipped to handle any cyberattack and to respond effectively, efficiently, and
with full confidence.
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 8

The Expert’s Guide to Streamlining

Cybersecurity Processes
Pairing industry experience with technical best practices
Custom OT security solutions that pair penetration testing with tailored attack
assessments arm organizations with full visibility through a single-entry point,
enabling a sustainable and scalable future of cybersecurity. When considering
effective penetration testing and assessment systems, five key considerations emerge.

f IT-OT assessment: The ability to handle increasingly converged IT-OT

environments with the distinct knowledge of how IT hackers can potentially
interface with outdated and unsecure OT systems
f Technical and non-technical assessments: Utilizing a multi-dimensional approach
of both identifying potential attack surfaces to fix gaps and running process
assessments to understand the root cause of attacks
f Process assessment and ISO support: Proven, repeatable processes
allowing security teams to quickly enact process improvements, maximize
security, and guarantee compliance with security standards and
cybersecurity laws
f One-stop reporting service: Centralized visibility on all attack
surfaces, filtering out false positives and ensuring that teams
can act on those most relevant without distractions,
guided by recommendations for sufficient mitigation
solutions
f Cutting-edge approach and reporting:
Utilizing frameworks mirroring modern
cyberattackers, emulating their
approaches such that systems are
always prepared to protect against
potential threats
Title of Paper goes here Title of Paper goes here Title of Paper goes here 9

THE SIEMENS APPROACH

Enter Siemens’ penetration testing and assessments. As a major global OT security
expert with decades of experience in converged IT-OT environments, Siemens offers
domain expertise in employing assessments, finding and exploiting an organization’s
weaknesses, and providing sustainable and scalable recommendations. Siemens’
structured process and approach to OT cybersecurity assessments sets it apart as the
leading technology partner to modern security teams.

The three R’s of scalable security: Reliability, repeatability, and

reinforcement
To stay ahead of threats, the security industry has innovated at a rapid pace,
attempting to build solutions for every problem and adding features to fill emerging
gaps. While thorough and somewhat effective, these innovations have led to
both technical debt and redundant complexities rather than scalable, sustainable
cybersecurity solutions. When every new product requires a new set of skills for
management, proactive problem solving can often fall by the wayside and leave gaps
in security teams’ ability to address potential threats. To achieve scalable cybersecurity,
Siemens’ testing, assessment, and recommendation approach offers tailored security
solutions for IT and OT systems that rely on a single, unified ecosystem for detection
and redress. To enable reliable, repeatable, and reinforced IT-OT security, Siemens
offers four strengths, as follows.

f Complete visibility: Allows immediate transparency of risk exposure in an

organization’s OT environment
f Preventative identification: Enables full discovery of threats, vulnerabilities, and
potential areas of exploitation before real attackers have the chance to strike
f Process maturation: Enhances the maturity levels of IT and OT operations
f Certified compliance: Supplies the necessary ISO/IEC 27001 certifications
Scalable security means a convergence between valid reported results, mitigated
risk analysis, clear future recommendations, and support in creating specific security
roadmaps. Siemens’ unique approach to IT-OT security through targeted testing and
reporting establishes a stronger foundation for scalable and sustainable industrial
cybersecurity.
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 10

ABOUT SIEMENS Cybersecurity

Assessments for OT
Siemens taps into 35 years of experience working with threats in the IT and OT
domains and taking protective measures for its products and components.

Cybersecurity-Readiness Assessments comprise a framework of testing methods

and offerings that position customers to discover security shortcomings in IT/OT
systems and infrastructures as well as in products, solutions, and services.

Our holistic approach is designed to identify procedural security gaps and technical
vulnerabilities before they are exploited by bad actors. In doing so, our security
experts assess your OT environment and, if necessary, give advice regarding
immediate countermeasures to close security gaps, and therefore prevent costly
production outages. In a clear report on the current security status of your assets, we
also provide a detailed overview of security findings and comprehensive mitigation
recommendations to close detected gaps.

.
Test, Assess, Defend: Strengthening IT-OT Networks with Robust Cybersecurity Assessments 11

Cybersecurity-Readiness Assessments comprise a three-step approach.

First is an analysis of relevant documentation and infrastructure, followed by a
workshop to understand the scope of relevant systems and infrastructure and
identify realistic attack paths, including an analysis of security policies and system
configurations. Finally, we define worst-case scenarios for your business.

Second, based on this preliminary work, we provide customer-tailored analysis.

This is either a Friendly Hacking Analysis to emulate real-world attackers consisting

of
• verification of security controls’ effectiveness on a technical level,
• controlled and aligned hacking attempts of the factory infrastructure,
• discovery and verification of realistic attack paths, and
• “proof-points” on feasibility and impact for evaluating the risk exposure;
or
an Organization & Process Analysis by conducting interviews with factory contacts,
generally a production IT/OT department to

• understand how things currently work in the IT & OT setup,

• identify the risks and security status where urgent measures are required, and
• provide transparency about security issues.

Third, we define mitigating measures. We provide a clear report containing

comprehensible findings and recommendations for possible solutions to close the
identified gaps, considering criticality and budget. For ongoing support, we create a
specific security roadmap regarding technical quick wins and adjustments on the OT
appliances.
Growth is a journey. We are your guide.
For over six decades, Frost & Sullivan has provided actionable insights
to corporations, governments and investors, resulting in a stream of
innovative growth opportunities that allow them to maximize their
economic potential, navigate emerging Mega Trends and shape a
future based on sustainable growth.

Contact us: Start the discussion