As remote access moves beyond office environments and into the critical infrastructure and manufacturing sectors, concerns about cyberattacks that could leave citizens without power, water or transportation or send manufacturing and production to a screeching halt are quickly becoming major issues. Duncan Greatwood, CEO of Xage Security, explains the dangers of using “cobbled together” or insecure solutions to manage remote access in these sectors and why zero trust architecture must play an important role in modern security solutions that protect critical infrastructure and industry.
Security: What is your background, current role and responsibilities?
Greatwood: I have a long history in the tech industry. Before joining Xage, I was an executive at Apple, leading search technology projects and products. I also served as the CEO of Topsy, the pioneer in social media search and analytics that Apple acquired in 2013. Before Topsy, I was the founder and CEO of PostPath, the email and collaboration security company acquired by Cisco in 2008.
Currently, I serve as the CEO of Xage Security, where there is a focus on keeping critical infrastructure running securely for organizations across sectors such as energy, defense, utilities, transportation and manufacturing. I have made bridging the gap between operational technology (OT) and IT teams to secure critical infrastructure a top priority, and I am responsible for ensuring that those who need access to the most sensitive assets and information receive it promptly and securely while adversaries stay out of our nation’s critical infrastructure.
Security: Due to the pandemic, remote access is commonplace and is growing beyond typical office environments. In what sectors has the demand for remote access grown? How/for what functions are these sectors using remote access?
Greatwood: The demand for remote access has grown significantly in critical infrastructure sectors in recent years. System downtime can be hugely disruptive. For example, it can leave populations without essential products and services such as power, water or transportation. Without remote access and distributed workforce collaboration, operators rely on small on-site teams for system maintenance and optimization. But response times are of the essence.
In the case of critical manufacturing operations with distributed assets across facilities, employees and outside contractors need to be able to collaborate remotely to quickly troubleshoot. Whether it’s troubleshooting issues, installing new technologies, maintaining equipment or managing performance optimization, remote access enables better and more efficient work. By removing the hindering necessity of physical location, manufacturers can significantly bolster the daily quality and volume of work along with security measures.
Security: What challenges has this created for cybersecurity in these sectors?
Greatwood: A majority of today’s remote access solutions were built for IT systems and are therefore not suited to OT needs. Current IT-centric remote access security solutions (for example, virtual private networks (VPNs)) do not support defense-in-depth architectures deployed in industrial environments and require the use of vulnerable Windows-based jump servers that require maintenance and risk management. Some of these solutions require software to be deployed on operational systems, which introduces unnecessary risks due to the required software maintenance and sometimes direct internet connectivity for enabling collaboration.
Additionally, legacy remote access technology is often overly reliant on firewalls, which results in complex and unmanageable configurations. These solutions cannot provide limited, controlled access for users to specific devices. Instead, remote users are allowed into an implicit trust zone inside operational networks, where they have access beyond what is required for their task.
Cyberattacks exploiting vulnerable remote access mechanisms are skyrocketing, and direct internet connections into OT environments are one of the reasons for the spike. There are also ongoing risks due to zero-day vulnerabilities on VPNs and Windows-based jump servers. A successful attack against a manufacturing company’s OT systems, in particular, could cause a harmful disruption to production and cost millions of dollars of business impact daily.
Security: While many organizations have cobbled together solutions, there is obviously a need for modernized, secure remote access. How can this be accomplished?
Greatwood: Due to the pandemic, many companies have transitioned to a distributed workforce strategy. Unfortunately, many manufacturers have been pressed to cobble together solutions, as you mentioned. Many of these turn out to be insecure, which opens up the business to significant risk.
Critical infrastructure operators should assess their current security controls in place for access management, secure remote access, privileged access management and secure zones (also referred to as the Purdue model) to determine how to modernize their security architecture as well as reduce unnecessary risks and complexity.
Security: How big a role does zero trust play in these solutions and what does it look like for the organizations that employ zero trust?
Greatwood: Zero trust principles emphasize identity-based access management. Asset protection and privileged access management are crucial for modernizing remote access technology. However, it is important not to overlook minimizing disruptions to operations while ensuring current defense-in-depth approaches (like zoning) can remain in place.