Book Image

IoT and OT Security Handbook

By : Smita Jain, Vasantha Lakshmi
Book Image

IoT and OT Security Handbook

By: Smita Jain, Vasantha Lakshmi

Overview of this book

The Fourth Industrial Revolution, or Industry 4.0, is all about digital transformation, manufacturing, and production. The connected world we live in today, including industries, comes with several cybersecurity challenges that need immediate attention. This book takes you through the basics of IoT and OT architecture and helps you understand and mitigate these security challenges. The book begins with an overview of the challenges faced in managing and securing IoT and OT devices in Industry 4.0. You’ll then get to grips with the Purdue model of reference architecture, which will help you explore common cyber attacks in IoT and OT environments. As you progress, you’ll be introduced to Microsoft Defender for IoT and understand its capabilities in securing IoT and OT environments. Finally, you will discover best practices for achieving continuous monitoring and vulnerability management, as well as threat monitoring and hunting, and find out how to align your business model toward zero trust. By the end of this security book, you’ll be equipped with the knowledge and skills to efficiently secure IoT and OT environments using Microsoft Defender for IoT.

Related Content you might be interested in

Current Title:

Small book image
IoT and OT Security Handbook
Smita Jain | Vasantha Lakshmi
Mar, 2023 | 172 pages
Small book image
Microsoft Unified XDR and SIEM Solution Handbook
Sami Lamppu | Raghavendra Boddu
Feb, 2024 | 296 pages
Small book image
Practical Industrial Internet of Things Security
Sravani Bhattacharjee
Jul, 2018 | 324 pages
Small book image
Industrial IoT for Architects and Engineers
Joey Bernal | Bharath Sridhar
Jan, 2023 | 344 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part 1: Understand the Challenges in IoT/OT Security and Common Attacks
Part 1: Understand the Challenges in IoT/OT Security and Common Attacks
Free Chapter
2
Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0
Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0
How is Industry 4.0 being leveraged?
Understanding cybersecurity challenges in the age of Industry 4.0
Enumerating the factors influencing IoT/OT security
How to overcome security challenges
Summary
3
Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model
Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model
Zero-trust architecture
Network segmentation in the IoT/OT environment
Understanding the layers of the Purdue model
How layers disrupt security when not managed well
Summary
4
Chapter 3: Common Attacks on IoT/OT Environments
Chapter 3: Common Attacks on IoT/OT Environments
Why do we see frequent attacks on the OT/IoT environment?
Who performs attacks on OT/IoT systems and how and why do they do it?
Famous OT attacks
How do these attacks impact businesses and humans?
Summary
5
Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today
Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today
6
Chapter 4: What Is Microsoft Defender for IoT?
Chapter 4: What Is Microsoft Defender for IoT?
The IoT and OT environments
Risk and vulnerability management
Continuous threat monitoring
Operational efficiency
MDIoT benefits
Summary
7
Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?
Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?
The topology of network architecture
Diverse ways of traffic mirroring for OT monitoring
How the Purdue model is applied to MDIoT
Sensor placement considerations
OT sensor cloud connection methods
Summary
8
Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?
Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?
Missing asset inventory for IoT/OT devices
Risk and vulnerability management
Continuous IoT/OT threat monitoring, incident response, and threat intelligence
The installation of the MDIoT service
Summary
9
Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust
Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust
10
Chapter 7: Asset Inventory
Chapter 7: Asset Inventory
The device inventory in an on-premises console or the sensor console and the Azure portal
Asset visibility – IoT/OT and identifying the crown jewels
Summary
11
Chapter 8: Continuous Monitoring
Chapter 8: Continuous Monitoring
The protocol violation detection engine
The policy violation detection engine
The industrial malware detection engine
The anomaly detection engine
The operational engine
Summary
12
Chapter 9: Vulnerability Management and Threat Monitoring
Chapter 9: Vulnerability Management and Threat Monitoring
Risk assessment
Summary
13
Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework
Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework
How MDIoT helps in implementing the NIST Cybersecurity Framework
How MDIoT helps in ZTA implementations in an OT environment
Validating ZTA with attack vectors
Summary
14
Index
Index
Why subscribe?
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

What this book covers

Chapter 1, Addressing Cybersecurity in the Age of Industry 4.0, covers Industry 4.0, which is the digital transformation that the manufacturing and production industries are going through in the connected world we live in today. However, there are a number of cybersecurity challenges associated with it, and they need immediate attention.

Chapter 2, Delving into Network Segmentation-Based Reference Architecture – The Purdue Model, explains the Purdue model and the industrial network architecture for industrial internet of things (IIoT), IoT, OT, supervisory control and data acquisition (SCADA), integrated computer systems (ICS), and more. OT is the base of the Purdue model.

Chapter 3, Common Attacks on IoT/OT Environments, elaborates on some of the common attack vectors that we see in IoT/OT. We will see how some of these attacks were made due to the weakness in the system.

Chapter 4, What is Microsoft Defender for IoT?, defines MDIoT, its features, and capabilities.

Chapter 5, How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?, discusses multiple architectures and use cases and how we can fit MDIoT in various environments.

Chapter 6, How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?, enumerates some of the business challenges of managing and securing IoT devices. Certain challenges are particularly important to address today as they affect not only business but also human life.

Chapter 7, Asset Inventory, builds upon the belief that your assets are of paramount importance, so we will show how increasing visibility into your assets will help reduce risk.

Chapter 8, Continuous Monitoring, helps with the detection of policy violations, industrial malware, anomalies, and operational incidents.

Chapter 9, Vulnerability Management and Threat Monitoring, looks at risk assessment, which forms an integral part of MDIoT. For example, the top vulnerable devices, variation from the baselines, remediation priorities based on the security score, network security risks, illegal traffic by firewall rules, connections to ICS networks, internet connections, access points, industrial malware, indicators, unauthorized assets, weak firewall rules, network operations, protocol problems, backup servers, disconnections, IP networks, protocol data volumes, and attack vectors are some of the topics discussed.

Chapter 10, Zero Trust Architecture and the NIST Cybersecurity Framework, focuses on Zero Trust, a security imperative. IoT devices, especially, are highly attacked, paving the way into the internal network and hence the OT network as well. MDIoT, with a minimal operating system (OS) footprint, can help organizations with rich information on risky OS configurations, strong identity for authentication, and so on to determine anomalies and unauthorized activities. Enterprise IoT is also discussed.

Previous Section
Next Section