IoT and OT Security Handbook

IoT and OT Security Handbook

by Smita Jain, Vasantha Lakshmi, Dr. Rohini Srivathsa
Released March 2023
Publisher(s): Packt Publishing
ISBN: 9781804619803

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Leverage Defender for IoT for understanding common attacks and achieving zero trust for IoT and OT devices

Purchase of the print or Kindle book includes a free PDF eBook

Key Features

  • Identify and resolve cybersecurity challenges in the IoT and OT worlds
  • Familiarize yourself with common attack vectors in the IoT and OT domains
  • Dive into Defender for IoT, understand its capabilities, and put it to practice

Book Description

The Fourth Industrial Revolution, or Industry 4.0, is all about digital transformation, manufacturing, and production. The connected world we live in today, including industries, comes with several cybersecurity challenges that need immediate attention. This book takes you through the basics of IoT and OT architecture and helps you understand and mitigate these security challenges.

The book begins with an overview of the challenges faced in managing and securing IoT and OT devices in Industry 4.0. You'll then get to grips with the Purdue model of reference architecture, which will help you explore common cyber attacks in IoT and OT environments. As you progress, you'll be introduced to Microsoft Defender for IoT and understand its capabilities in securing IoT and OT environments. Finally, you will discover best practices for achieving continuous monitoring and vulnerability management, as well as threat monitoring and hunting, and find out how to align your business model toward zero trust.

By the end of this security book, you'll be equipped with the knowledge and skills to efficiently secure IoT and OT environments using Microsoft Defender for IoT.

What you will learn

  • Discover security challenges faced in IoT and OT environments
  • Understand the security issues in Industry 4.0
  • Explore Microsoft Defender for IoT and learn how it aids in securing the IoT/OT industry
  • Find out how to deploy Microsoft Defender for IoT along with its prerequisites
  • Understand the importance of continuous monitoring
  • Get familiarized with vulnerability management in the IoT and OT worlds
  • Dive into risk assessment as well as threat monitoring and hunting
  • Achieve zero trust for IoT devices

Who this book is for

This book is for industrial security, IoT security, and IT security professionals. Security engineers, including pentesters, security architects, and ethical hackers, who want to ensure the security of their organization's data when connected with the IoT will find this book useful.

Table of contents

  1. IoT and OT Security Handbook
  2. Foreword
  3. Contributors
  4. About the authors
  5. About the reviewers
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
    7. Share Your Thoughts
    8. Download a free PDF copy of this book
  7. Part 1: Understand the Challenges in IoT/OT Security and Common Attacks
  8. Chapter 1: Addressing Cybersecurity in the Age of Industry 4.0
    1. How is Industry 4.0 being leveraged?
    2. Understanding cybersecurity challenges in the age of Industry 4.0
    3. Enumerating the factors influencing IoT/OT security
    4. How to overcome security challenges
    5. Summary
  9. Chapter 2: Delving into Network Segmentation-Based Reference Architecture – the Purdue Model
    1. Zero-trust architecture
    2. Network segmentation in the IoT/OT environment
    3. Understanding the layers of the Purdue model
    4. How layers disrupt security when not managed well
      1. Data diodes
      2. Data diodes in action in OT/IoT
    5. Summary
  10. Chapter 3: Common Attacks on IoT/OT Environments
    1. Why do we see frequent attacks on the OT/IoT environment?
      1. Diminishing airgap
      2. The legacy of OT assets
    2. Who performs attacks on OT/IoT systems and how and why do they do it?
    3. Famous OT attacks
      1. The Triton attack
      2. Oldsmar cyberattack on the US water system
      3. The Colonial Pipeline cyberattack
      4. The Ukraine electric grid attack
    4. How do these attacks impact businesses and humans?
    5. Summary
  11. Part 2: How Microsoft Defender for IoT Can Address the Open Challenges in the Connected World We Live in Today
  12. Chapter 4: What Is Microsoft Defender for IoT?
    1. The IoT and OT environments
      1. The role of asset inventory
    2. Risk and vulnerability management
    3. Continuous threat monitoring
    4. Operational efficiency
    5. MDIoT benefits
      1. Zero impact on network performance
      2. Quick deployment
      3. Advanced threat detection
    6. Summary
  13. Chapter 5: How Does Microsoft Defender for IoT Fit into Your OT/IoT Environment/Architecture?
    1. The topology of network architecture
      1. The most common network topologies in OT/IoT networks
      2. A multilayer, multitenant network
    2. Diverse ways of traffic mirroring for OT monitoring
      1. SPAN
      2. Active and passive aggregation
    3. How the Purdue model is applied to MDIoT
    4. Sensor placement considerations
    5. OT sensor cloud connection methods
      1. Azure proxy
      2. Proxy chaining
      3. Connecting directly
      4. Multi-cloud connections
    6. Summary
  14. Chapter 6: How Do the Microsoft Defender for IoT Features Help in Addressing Open Challenges?
    1. Missing asset inventory for IoT/OT devices
    2. Risk and vulnerability management
    3. Continuous IoT/OT threat monitoring, incident response, and threat intelligence
    4. The installation of the MDIoT service
    5. Summary
  15. Part 3: Best Practices to Achieve Continuous Monitoring, Vulnerability Management, Threat Monitoring and Hunting, and to Align the Business Model Toward Zero Trust
  16. Chapter 7: Asset Inventory
    1. The device inventory in an on-premises console or the sensor console and the Azure portal
      1. The sensor console
      2. An on-premises console
      3. MDIoT in the Azure portal
    2. Asset visibility – IoT/OT and identifying the crown jewels
      1. Important devices – generating attack vectors and risk assessment reports
    3. Summary
  17. Chapter 8: Continuous Monitoring
    1. The protocol violation detection engine
    2. The policy violation detection engine
    3. The industrial malware detection engine
    4. The anomaly detection engine
    5. The operational engine
    6. Summary
  18. Chapter 9: Vulnerability Management and Threat Monitoring
    1. Risk assessment
    2. Summary
  19. Chapter 10: Zero Trust Architecture and the NIST Cybersecurity Framework
    1. How MDIoT helps in implementing the NIST Cybersecurity Framework
    2. How MDIoT helps in ZTA implementations in an OT environment
      1. Visibility
      2. Protection
      3. Continuous monitoring
    3. Validating ZTA with attack vectors
    4. Summary
  20. Index
    1. Why subscribe?
  21. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts
    3. Download a free PDF copy of this book

Product information

  • Title: IoT and OT Security Handbook
  • Author(s): Smita Jain, Vasantha Lakshmi, Dr. Rohini Srivathsa
  • Release date: March 2023
  • Publisher(s): Packt Publishing
  • ISBN: 9781804619803