OT Asset Management Means Going Beyond OT Asset Visibility

The terms “OT asset management” and “OT asset visibility” are often used interchangeably in the OT cybersecurity industry, mostly because there is not a clear definition between the two.

Today’s traditional OT asset management is often considered complete by passive monitoring solutions, which only have visibility into actively connected devices. However, The NIST 800-82 Special Publication, Revision 3 defines OT asset management as: “The ability for organizations to properly and consistently identify and consistently manage data, personnel, devices, systems, and facilities based on their relative importance to provide the foundational capability to support an organizational cybersecurity program.”

According to this definition, OT asset management (OTAM) goes beyond OT asset visibility and OT asset detection by requiring action. Asset visibility is an indispensable aspect of industrial cybersecurity, but it shouldn’t be the end goal. Fusing OT asset visibility with asset management sets security teams up for success to identify, monitor and manage their OT assets and infrastructure.

The Current State of OTAM

Asset management is one of the most undervalued activities in the OT space. According to a Ponemon Institute report, only:

• 45% of respondents say their organizations are effective in discovering and maintaining an inventory of all devices attached anywhere on the OT network throughout the asset lifecycle.
• 29% of the respondents say that asset discovery and management is used as means to protect the ICS environment.
• 41% of the respondents say that asset management solutions are part of their top 3 investment priorities.

Why Do You Need OTAM?

Critical infrastructure organizations need to ensure the safety of employees and the public, create an effective cybersecurity program, and prepare for future regulatory requirements. OT asset management empowers security teams to identify, monitor and manage changes for every OT asset in their infrastructure.

• Safety: In OT environments, digital assets impact the physical world. OT asset management helps ensure safety if an unintended or unauthorized change occurs in a device or system.
• Security: Accurate asset data and security baselines are the foundation of a strong cybersecurity program. Historizing asset changes also provides a template for backup and recovery if an incident does occur.
• Compliance: Having an OT asset management foundation in place helps you prepare for future compliance regulations that could affect your industry.

OTAM Requires Automation & Monitoring

To implement true OTAM effectively, security teams need an automated approach to identify, monitor and manage every asset and document appropriate changes, regardless of their connected state. Having a single source of truth for your asset base that includes configuration and change management enables a centralized cybersecurity program that can include vulnerability and patch management, version control, security baselines, risk assessments, incident response and compliance reporting.

Where to Start

For effective OT asset management, teams need to implement various techniques in gathering multiple sources of OT data: physical inspection information, passive monitoring methods, configuration analysis and active discovery techniques.

A simple way to achieve OT asset management is to use a single tool that offers asset visibility and management in one place, and can support all four data collection options. The OT landscape is becoming increasingly complicated. Gaining situational awareness through asset visibility, and successfully executing asset management, can future-proof your OT cybersecurity program to withstand the compliance and security challenges to come.

‍

‍

‍