A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WAN
This paper introduces a comprehensive risk assessment of various wide area network (WAN) technologies as applied to Operational Technology (OT) infrastructures, thus uncovering which WAN technology is best suited for OT to mitigate the risks of Denial of View (DoV), Denial of Control (DoC), and Deni...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2024-10-01
|
| Series: | Journal of Cybersecurity and Privacy |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2624-800X/4/4/42 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1846104197915738112 |
|---|---|
| author | Van Joshua Abergos Faiza Medjek |
| author_facet | Van Joshua Abergos Faiza Medjek |
| author_sort | Van Joshua Abergos |
| collection | DOAJ |
| description | This paper introduces a comprehensive risk assessment of various wide area network (WAN) technologies as applied to Operational Technology (OT) infrastructures, thus uncovering which WAN technology is best suited for OT to mitigate the risks of Denial of View (DoV), Denial of Control (DoC), and Denial of Service (DoS). A new risk weight-based evaluation approach is proposed following NIST CSF and ISA/IEC 62443 standard risk scoring (RS). In this approach, RS was modified by introducing new risk metrics, namely, risk (Rn), mitigation (Mm), risk prioritization (WRn), and mitigation prioritization (WMm) to create a specialized probability formula to assess risks on OT WAN infrastructure. The proposed formula has been implemented to automate data analysis and risk scoring across nine WAN technologies. The obtained results demonstrated that software-defined wide area network (SD-WAN) has the best security features that even overshadow its vulnerabilities to perform not just as a WAN solution but as a security solution against DoV, DoC, and DoS. Furthermore, this paper identifies and highlights what to prioritize when designing and assessing an SD-WAN setup. In addition, this paper proposes an SD-WAN-based architecture to reduce DoV, DoC, and DoS risks. |
| format | Article |
| id | doaj-art-24c9ef5159ce493d8a63ea2d6523a734 |
| institution | Kabale University |
| issn | 2624-800X |
| language | English |
| publishDate | 2024-10-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Journal of Cybersecurity and Privacy |
| spelling | doaj-art-24c9ef5159ce493d8a63ea2d6523a7342024-12-27T14:31:55ZengMDPI AGJournal of Cybersecurity and Privacy2624-800X2024-10-014491093710.3390/jcp4040042A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WANVan Joshua Abergos0Faiza Medjek1Department of Computer Science and Creative Technologies, University of the West of England, Frenchay Campus, Bristol BS16 1QY, UKDepartment of Computer Science and Creative Technologies, University of the West of England, Frenchay Campus, Bristol BS16 1QY, UKThis paper introduces a comprehensive risk assessment of various wide area network (WAN) technologies as applied to Operational Technology (OT) infrastructures, thus uncovering which WAN technology is best suited for OT to mitigate the risks of Denial of View (DoV), Denial of Control (DoC), and Denial of Service (DoS). A new risk weight-based evaluation approach is proposed following NIST CSF and ISA/IEC 62443 standard risk scoring (RS). In this approach, RS was modified by introducing new risk metrics, namely, risk (Rn), mitigation (Mm), risk prioritization (WRn), and mitigation prioritization (WMm) to create a specialized probability formula to assess risks on OT WAN infrastructure. The proposed formula has been implemented to automate data analysis and risk scoring across nine WAN technologies. The obtained results demonstrated that software-defined wide area network (SD-WAN) has the best security features that even overshadow its vulnerabilities to perform not just as a WAN solution but as a security solution against DoV, DoC, and DoS. Furthermore, this paper identifies and highlights what to prioritize when designing and assessing an SD-WAN setup. In addition, this paper proposes an SD-WAN-based architecture to reduce DoV, DoC, and DoS risks.https://www.mdpi.com/2624-800X/4/4/42operational technology (OT)industrial control systems (ICS)cyber physical systems (CPS)risk assessmentprioritizationsoftware-defined wide area network |
| spellingShingle | Van Joshua Abergos Faiza Medjek A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WAN Journal of Cybersecurity and Privacy operational technology (OT) industrial control systems (ICS) cyber physical systems (CPS) risk assessment prioritization software-defined wide area network |
| title | A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WAN |
| title_full | A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WAN |
| title_fullStr | A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WAN |
| title_full_unstemmed | A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WAN |
| title_short | A Risk Assessment Analysis to Enhance the Security of OT WAN with SD-WAN |
| title_sort | risk assessment analysis to enhance the security of ot wan with sd wan |
| topic | operational technology (OT) industrial control systems (ICS) cyber physical systems (CPS) risk assessment prioritization software-defined wide area network |
| url | https://www.mdpi.com/2624-800X/4/4/42 |
| work_keys_str_mv | AT vanjoshuaabergos ariskassessmentanalysistoenhancethesecurityofotwanwithsdwan AT faizamedjek ariskassessmentanalysistoenhancethesecurityofotwanwithsdwan AT vanjoshuaabergos riskassessmentanalysistoenhancethesecurityofotwanwithsdwan AT faizamedjek riskassessmentanalysistoenhancethesecurityofotwanwithsdwan |