Agentless Security Helps Water and Electric Systems Meet Zero Trust Goals

The security of our nation's infrastructure has been a strong focus, with mandates coming from the White House in the form of executive orders and funding being allocated from the Infrastructure Investment and Jobs Act. This is due to utility organizations having become increasingly vulnerable to modern threats given the amount of legacy operational technology (OT) they employ.

OT and internet of things (IoT) technologies were initially designed to deliver speed and transaction efficiency first, with security as a secondary goal. This has made OT and IoT a favorite target for cybercriminals, with a 400% increase year over year, according to Zscaler ThreatLabz research . In fact, 61% of all breaches targeted operational technology-connected organizations.

Consequently, many official agency notifications have been issued, from CISA to the Department of Energy to the EPA. All of these guidelines include similar advice on the path forward:

1. Reduce exposure to public-facing internet
2. Develop and exercise cybersecurity incident response
3. Conduct inventory of OT/IT assets
4. Reduce exposure to vulnerabilities

To meet these goals, microsegmentation is widely held as the key to stopping the spread of threats from OT into IT. This approach also allows organizations to meet zero trust requirements, advancing this new standard for cybersecurity architecture.