In Cyber Security, we are always looking for new, innovative ways to secure critical infrastructure. On Episode 29 of The Cyber Security Matters Podcast we spoke to Dmitriy Viktorov, the CTO of Tosibox, about how he’s bringing his experience with cloud protection solutions to a new market. Read on to find out more about securing data through OT networks.
What are the main challenges associated with securing critical infrastructure?
I’m coming mainly from the IT security world, but now I’m jumping into what we call the industrial operational technology world. There are many similarities, especially on crates, but the OT and maybe IoT domains are lagging behind. They’re more conservative compared with IP or cybersecurity in general.
One thing that is quite important for customers is operational continuity. You can take some IT systems down for a short period of time if you need to patch it, update it or migrate it. In OT, it’s very difficult to do that because you are providing critical services, such as buildings, manufacturers, careers – you name it. You can’t take them down. If you want to apply a patch or you need to reconfigure something, that’s a big thing.
We also know that the lifecycle for cybersecurity products is way longer than you might think because you don’t see the whole lifecycle. I remember when we were defining the lifecycle model, we said it would be a maximum of three years in OT, but it might actually be around five or even ten years in total.
The other challenges in ICT and OT cybersecurity are the emphasis on legacy systems. There are several technologies in OT that are used by customers that rely on protocols, which have nothing to do with TCP IP. On the IT side, there are limited skills and technologies. It’s also about complexity and interdependencies – and again, a lack of patching and updates – and insider threats. Some infrastructures are physically exposed, which allows threats to get closer to them.
How is Tosibox unique, and how does it solve some of those challenges?
Tosibox is in the specific niche of the whole of OT cybersecurity. However, we like focusing on network security. We are helping customers with at least one – or maybe a few – particular problems when it comes to OT cybersecurity and network segmentation. We are implementing access control, and we are making sure that our customers can do it easily, securely, and more automatically. Because, as I said previously, customers might use different technologies or different protocols, our unique proposition is that our platform is actually protocol-agnostic and even industry-agnostic. Even if you use old legacy technologies and devices, Tosibox makes it easy to connect with your IT network and then manage it remotely.
To hear more from Dmitriy, tune into Episode 29 of The Cyber Security Matters Podcast here.
We sit down regularly with some of the biggest names in our industry, we dedicate our podcast to the stories of leaders in the technologies industries that bring us closer together. Follow the link here to see some of our latest episodes and don’t forget to subscribe.