Book Image

IoT and OT Security Handbook

By : Smita Jain, Vasantha Lakshmi
Book Image

IoT and OT Security Handbook

By: Smita Jain, Vasantha Lakshmi

Overview of this book

The Fourth Industrial Revolution, or Industry 4.0, is all about digital transformation, manufacturing, and production. The connected world we live in today, including industries, comes with several cybersecurity challenges that need immediate attention. This book takes you through the basics of IoT and OT architecture and helps you understand and mitigate these security challenges. The book begins with an overview of the challenges faced in managing and securing IoT and OT devices in Industry 4.0. You’ll then get to grips with the Purdue model of reference architecture, which will help you explore common cyber attacks in IoT and OT environments. As you progress, you’ll be introduced to Microsoft Defender for IoT and understand its capabilities in securing IoT and OT environments. Finally, you will discover best practices for achieving continuous monitoring and vulnerability management, as well as threat monitoring and hunting, and find out how to align your business model toward zero trust. By the end of this security book, you’ll be equipped with the knowledge and skills to efficiently secure IoT and OT environments using Microsoft Defender for IoT.

Related Content you might be interested in

Current Title:

Small book image
IoT and OT Security Handbook
Smita Jain | Vasantha Lakshmi
Mar, 2023 | 172 pages
Small book image
Microsoft Unified XDR and SIEM Solution Handbook
Sami Lamppu | Raghavendra Boddu
Feb, 2024 | 296 pages
Small book image
Practical Industrial Internet of Things Security
Sravani Bhattacharjee
Jul, 2018 | 324 pages
Small book image
Industrial IoT for Architects and Engineers
Joey Bernal | Bharath Sridhar
Jan, 2023 | 344 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: Understand the Challenges in IoT/OT Security and Common Attacks
Part 1: Understand the Challenges in IoT/OT Security and Common Attacks
Free Chapter
2
Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0
Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0
How is Industry 4.0 being leveraged?
Understanding cybersecurity challenges in the age of Industry 4.0
Enumerating the factors influencing IoT/OT security
How to overcome security challenges
Summary
3
Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model
Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model
Zero-trust architecture
Network segmentation in the IoT/OT environment
Understanding the layers of the Purdue model
How layers disrupt security when not managed well
Summary
4
Chapter 3: Common Attacks on IoT/OT Environments
Chapter 3: Common Attacks on IoT/OT Environments
Why do we see frequent attacks on the OT/IoT environment?
Who performs attacks on OT/IoT systems and how and why do they do it?
Famous OT attacks
How do these attacks impact businesses and humans?
Summary
5
Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today
Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today
6
Chapter 4: What Is Microsoft Defender for IoT?
Chapter 4: What Is Microsoft Defender for IoT?
The IoT and OT environments
Risk and vulnerability management
Continuous threat monitoring
Operational efficiency
MDIoT benefits
Summary
7
Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?
Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?
The topology of network architecture
Diverse ways of traffic mirroring for OT monitoring
How the Purdue model is applied to MDIoT
Sensor placement considerations
OT sensor cloud connection methods
Summary
8
Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?
Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?
Missing asset inventory for IoT/OT devices
Risk and vulnerability management
Continuous IoT/OT threat monitoring, incident response, and threat intelligence
The installation of the MDIoT service
Summary
9
Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust
Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust
10
Chapter 7: Asset Inventory
Chapter 7: Asset Inventory
The device inventory in an on-premises console or the sensor console and the Azure portal
Asset visibility – IoT/OT and identifying the crown jewels
Summary
11
Chapter 8: Continuous Monitoring
Chapter 8: Continuous Monitoring
The protocol violation detection engine
The policy violation detection engine
The industrial malware detection engine
The anomaly detection engine
The operational engine
Summary
12
Chapter 9: Vulnerability Management and Threat Monitoring
Chapter 9: Vulnerability Management and Threat Monitoring
Risk assessment
Summary
13
Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework
Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework
How MDIoT helps in implementing the NIST Cybersecurity Framework
How MDIoT helps in ZTA implementations in an OT environment
Validating ZTA with attack vectors
Summary
14
Index
Index
Why subscribe?
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Enumerating the factors influencing IoT/OT security

Attacks on internet devices have increased manifold in recent years and are commonplace now. The reasons for this are the following:

  • Weak credentials: How often have we ignored notifications to change our default passwords? We cannot forget the Mirai botnet attack, which made use of default usernames and passwords of this kind.
  • Legacy software and hardware: We don’t always see IoT devices being updated. With the pace at which technology is growing, it becomes very easy for attackers to find weaknesses. Hence, it is of paramount importance to always update devices.
  • Proprietary protocols and the complex structure of OT devices: With so many types of devices in use, we can only imagine the many proprietary protocols and the complex structures they would bring in. Siemens, Schneider, ABB, Rockwell Automation, and so on all use closed protocols.
  • Anomalous operational events: Operations such as start, stop, and restart are all priority commands for Retentive Timers (RTOs), PLCs, actuators, and so on. Hence, it becomes a priority to clearly distinguish legitimate events from anomalous events.

These are some of the obvious factors that affect IoT/OT security. As we proceed further through the book, we will see more of these factors and how MDIoT addresses the challenges involved.

Previous Section
End of Section 4
Next Section