IoT and OT Security Handbook

By : Smita Jain, Vasantha Lakshmi

IoT and OT Security Handbook

By: Smita Jain, Vasantha Lakshmi

Overview of this book

The Fourth Industrial Revolution, or Industry 4.0, is all about digital transformation, manufacturing, and production. The connected world we live in today, including industries, comes with several cybersecurity challenges that need immediate attention. This book takes you through the basics of IoT and OT architecture and helps you understand and mitigate these security challenges. The book begins with an overview of the challenges faced in managing and securing IoT and OT devices in Industry 4.0. You’ll then get to grips with the Purdue model of reference architecture, which will help you explore common cyber attacks in IoT and OT environments. As you progress, you’ll be introduced to Microsoft Defender for IoT and understand its capabilities in securing IoT and OT environments. Finally, you will discover best practices for achieving continuous monitoring and vulnerability management, as well as threat monitoring and hunting, and find out how to align your business model toward zero trust. By the end of this security book, you’ll be equipped with the knowledge and skills to efficiently secure IoT and OT environments using Microsoft Defender for IoT.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Share Your Thoughts

Download a free PDF copy of this book

Part 1: Understand the Challenges in IoT/OT Security and Common Attacks

Free Chapter

Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0

How is Industry 4.0 being leveraged?

Understanding cybersecurity challenges in the age of Industry 4.0

Enumerating the factors influencing IoT/OT security

How to overcome security challenges

Summary

Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model

Zero-trust architecture

Network segmentation in the IoT/OT environment

Understanding the layers of the Purdue model

How layers disrupt security when not managed well

Summary

Chapter 3: Common Attacks on IoT/OT Environments

Why do we see frequent attacks on the OT/IoT environment?

Who performs attacks on OT/IoT systems and how and why do they do it?

Famous OT attacks

How do these attacks impact businesses and humans?

Summary

Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today

Chapter 4: What Is Microsoft Defender for IoT?

The IoT and OT environments

Risk and vulnerability management

Continuous threat monitoring

Operational efficiency

MDIoT benefits

Summary

Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?

The topology of network architecture

Diverse ways of traffic mirroring for OT monitoring

How the Purdue model is applied to MDIoT

Sensor placement considerations

OT sensor cloud connection methods

Summary

Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?

Missing asset inventory for IoT/OT devices

Risk and vulnerability management

Continuous IoT/OT threat monitoring, incident response, and threat intelligence

The installation of the MDIoT service

Summary

Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust

Chapter 7: Asset Inventory

The device inventory in an on-premises console or the sensor console and the Azure portal

Asset visibility – IoT/OT and identifying the crown jewels

Summary

Chapter 8: Continuous Monitoring

The protocol violation detection engine

The policy violation detection engine

The industrial malware detection engine

The anomaly detection engine

The operational engine

Summary

Chapter 9: Vulnerability Management and Threat Monitoring

Risk assessment

Summary

Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework

How MDIoT helps in implementing the NIST Cybersecurity Framework

How MDIoT helps in ZTA implementations in an OT environment

Validating ZTA with attack vectors

Summary

Index

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Download a free PDF copy of this book

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Validating ZTA with attack vectors

ZTA implementations can be validated by creating attack vector reports. These reports give you a visual simulation of the attack vector and path to the specific asset. The following screenshot shows how a PLC may be attacked by navigating connected devices in the path:

Figure 10.8 – An attack vector report

The preceding figure shows the attack vector simulation on an important device, PLC1.

The path from the internet to the PLC can be achieved in three easy steps:

Workstation 1 has an internet connection.
There are known vulnerabilities on the device that the attacker may leverage to compromise the device.
There is network connectivity between two subnets, meaning the attacker may enter another network. Also, there are known vulnerabilities on the PLC device, which may be used to compromise the PLC.

Simulation is an integral part of any cybersecurity program. However, given the sensitivity...

IoT and OT Security Handbook

By : Smita Jain, Vasantha Lakshmi

IoT and OT Security Handbook

By: Smita Jain, Vasantha Lakshmi

Overview of this book

Related Content you might be interested in

Current Title:

IoT and OT Security Handbook

Microsoft Unified XDR and SIEM Solution Handbook

Practical Industrial Internet of Things Security

Industrial IoT for Architects and Engineers

Validating ZTA with attack vectors