Operational technology is a critical use of hardware or software to monitor and detect any changes in industrial machinery and production services.

Cyberattacks on OT software and hardware is on the rise, a particularly concerning threat as these targets can affect thousands or even millions of other people if compromised, according to Anand Oswal (pictured), senior vice president and general manager at Palo Alto Networks Inc. In fact, a recent ransomware attack on the Colonial Pipeline stopped 2.5 million barrels of oil, causing fuel shortages and price hikes until the ransom was paid, a harrowing reminder of how severe these attacks can be.

“Critical infrastructure is embedded in everything that we do — think of manufacturing, think of chemical plants, think of energy, utility, oil and gas. Securing those assets is extremely important, but you’ve got to go about it thoughtfully,” Oswal said. “When you think of connected things or digitization, it’s affected almost every single industry for the positive and made things easier, lowering the operational cost for all of the firms using them. But if you don’t go about the right way, it leads to security breaches.”

Oswal spoke with theCUBE industry analyst Dave Vellante at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed security challenges surrounding OT environments, why visibility is important in OT infrastructure, how customers are implementing OT security and more. (* Disclosure below.)

OT security: an operational imperative

Securing OT infrastructure starts with visibility on all connected devices. This can’t be done with the traditional approach more suited for IT infrastructures, according to Oswal. It needs the power of artificial intelligence and machine learning to identify these connected devices.

“It should be automated, and it should scale. You want to understand the device, the make, the model, etc. So that requires a lot of work,” he said.

The number one question Oswal receives from OT infrastructure leaders is asking how they’re able to access the details of all devices connected to the network and pinpoint which devices are unpatched vulnerabilities.

“[Palo Alto Networks] does all that through a combination of our machine learning. So if you put our sensor, which are our firewalls, within 24 to 48 hours, I will be able to identify more than 95% of all devices,” Oswal said. “This is work that we’ve done for last many years in terms of how we understand the protocols, the makes, the model, etc.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference:

(* Disclosure: Palto Alto Networks Inc. sponsored this segment of theCUBE. Neither Palo Alto Networks nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE