IoT and OT Security Handbook

By : Smita Jain, Vasantha Lakshmi

IoT and OT Security Handbook

By: Smita Jain, Vasantha Lakshmi

Overview of this book

The Fourth Industrial Revolution, or Industry 4.0, is all about digital transformation, manufacturing, and production. The connected world we live in today, including industries, comes with several cybersecurity challenges that need immediate attention. This book takes you through the basics of IoT and OT architecture and helps you understand and mitigate these security challenges. The book begins with an overview of the challenges faced in managing and securing IoT and OT devices in Industry 4.0. You’ll then get to grips with the Purdue model of reference architecture, which will help you explore common cyber attacks in IoT and OT environments. As you progress, you’ll be introduced to Microsoft Defender for IoT and understand its capabilities in securing IoT and OT environments. Finally, you will discover best practices for achieving continuous monitoring and vulnerability management, as well as threat monitoring and hunting, and find out how to align your business model toward zero trust. By the end of this security book, you’ll be equipped with the knowledge and skills to efficiently secure IoT and OT environments using Microsoft Defender for IoT.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Share Your Thoughts

Download a free PDF copy of this book

Part 1: Understand the Challenges in IoT/OT Security and Common Attacks

Free Chapter

Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0

How is Industry 4.0 being leveraged?

Understanding cybersecurity challenges in the age of Industry 4.0

Enumerating the factors influencing IoT/OT security

How to overcome security challenges

Summary

Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model

Zero-trust architecture

Network segmentation in the IoT/OT environment

Understanding the layers of the Purdue model

How layers disrupt security when not managed well

Summary

Chapter 3: Common Attacks on IoT/OT Environments

Why do we see frequent attacks on the OT/IoT environment?

Who performs attacks on OT/IoT systems and how and why do they do it?

Famous OT attacks

How do these attacks impact businesses and humans?

Summary

Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today

Chapter 4: What Is Microsoft Defender for IoT?

The IoT and OT environments

Risk and vulnerability management

Continuous threat monitoring

Operational efficiency

MDIoT benefits

Summary

Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?

The topology of network architecture

Diverse ways of traffic mirroring for OT monitoring

How the Purdue model is applied to MDIoT

Sensor placement considerations

OT sensor cloud connection methods

Summary

Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?

Missing asset inventory for IoT/OT devices

Risk and vulnerability management

Continuous IoT/OT threat monitoring, incident response, and threat intelligence

The installation of the MDIoT service

Summary

Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust

Chapter 7: Asset Inventory

The device inventory in an on-premises console or the sensor console and the Azure portal

Asset visibility – IoT/OT and identifying the crown jewels

Summary

Chapter 8: Continuous Monitoring

The protocol violation detection engine

The policy violation detection engine

The industrial malware detection engine

The anomaly detection engine

The operational engine

Summary

Chapter 9: Vulnerability Management and Threat Monitoring

Risk assessment

Summary

Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework

How MDIoT helps in implementing the NIST Cybersecurity Framework

How MDIoT helps in ZTA implementations in an OT environment

Validating ZTA with attack vectors

Summary

Index

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Download a free PDF copy of this book

Customer Reviews

5 star

4 star

3 star

2 star

1 star

The protocol violation detection engine

Generally, protocol violations can be identified by field values and packet structures that are being used in ways that go against the ICS protocol specifications.

In Figure 8.1, we can see Modbus Exception as an example of something picked up by the protocol violation engine. A secondary device did not send a response to the primary device when sending the exception code. This violation of the protocol was detected by MDIoT:

Figure 8.1 – Example of a protocol violation

Note

In the MDIoT portal for the Modbus alert, the primary device is referred to as the master device, and the secondary as the slave. However, due to their unsavory connotations dating back to colonization, standardization organizations have spoken against the usage of these terms. We have used primary and secondary in this book, but there are various alternatives available, such as controller-responder and primary-replica. You can read more...

IoT and OT Security Handbook

By : Smita Jain, Vasantha Lakshmi

IoT and OT Security Handbook

By: Smita Jain, Vasantha Lakshmi

Overview of this book

Related Content you might be interested in

Current Title:

IoT and OT Security Handbook

Microsoft Unified XDR and SIEM Solution Handbook

Practical Industrial Internet of Things Security

Industrial IoT for Architects and Engineers

The protocol violation detection engine