The terms “OT asset management” and “OT asset visibility” are often used interchangeably in the OT cybersecurity industry, mostly because there is not a clear definition between the two.
Today’s traditional OT asset management is often considered complete by passive monitoring solutions, which only have visibility into actively connected devices. However, The NIST 800-82 Special Publication, Revision 3 defines OT asset management as: “The ability for organizations to properly and consistently identify and consistently manage data, personnel, devices, systems, and facilities based on their relative importance to provide the foundational capability to support an organizational cybersecurity program.”
According to this definition, OT asset management (OTAM) goes beyond OT asset visibility and OT asset detection by requiring action. Asset visibility is an indispensable aspect of industrial cybersecurity, but it shouldn’t be the end goal. Fusing OT asset visibility with asset management sets security teams up for success to identify, monitor and manage their OT assets and infrastructure.
Asset management is one of the most undervalued activities in the OT space. According to a Ponemon Institute report, only:
Critical infrastructure organizations need to ensure the safety of employees and the public, create an effective cybersecurity program, and prepare for future regulatory requirements. OT asset management empowers security teams to identify, monitor and manage changes for every OT asset in their infrastructure.
To implement true OTAM effectively, security teams need an automated approach to identify, monitor and manage every asset and document appropriate changes, regardless of their connected state. Having a single source of truth for your asset base that includes configuration and change management enables a centralized cybersecurity program that can include vulnerability and patch management, version control, security baselines, risk assessments, incident response and compliance reporting.
For effective OT asset management, teams need to implement various techniques in gathering multiple sources of OT data: physical inspection information, passive monitoring methods, configuration analysis and active discovery techniques.
A simple way to achieve OT asset management is to use a single tool that offers asset visibility and management in one place, and can support all four data collection options. The OT landscape is becoming increasingly complicated. Gaining situational awareness through asset visibility, and successfully executing asset management, can future-proof your OT cybersecurity program to withstand the compliance and security challenges to come.