Subscribe to our Newsletter!
By subscribing to our newsletter, you agree with our privacy terms
Home > IT Monitoring > Increasing concern over Operational Technology cybersecurity
February 03, 2023
There is no better time than now to prioritize and streamline Operational Technology (OT) cybersecurity. In the broader Industry 4.0 strategy, an organization must seek clarity on cyber risks before establishing a roadmap to move from isolated to integrated systems, as the complexities of OT have rendered traditional IT security strategies ineffective.
Often, OT managers focus their concerns on the physical risks to equipment and manufacturing facilities. And for a good reason: equipment malfunctions, terrorist attacks and internal sabotage have the potential to harm employees, impair operations and even put the public at risk. But, even physical threats to industrial control systems now have cyber components. Standard IT components are now behind every industrial control system and equipment!
Since 2021, sophisticated and well-resourced actors such as ransomware gangs and nation-state hackers have sought to target the critical infrastructure of cities. They have found that critical infrastructure organizations are an attractive target. Ransomware gangs, for example, often target utilities, energy, oil, and gas companies.
Over the past six months, cyberattacks have increased significantly, causing major disruptions in sectors ranging from transport to healthcare. Railways, in particular, have been the target of attacks, leading to the implementation of measures designate to protect rail operators and their assets.
The timeline below summarises the most significant cyber events from July to December 2022.
The concern is growing. Including the potential for large-scale attacks following the war in Ukraine. “While we have not yet seen attacks on the scale feared, there have been documented attacks as part of the ongoing hostilities in the cyberwar promoted by Russia,” says Christopher Budd, senior threat research manager at Sophos.
Last year, Nozomi Networks’ “SANS 2022 OT/ICS Cybersecurity Report” found that 62% of 332 industry representatives from energy, chemical, critical manufacturing, nuclear, water management, etc, rated the risk to their OT environment as high or severe.
It’s no exaggeration to say that the Big Shutdown — a large-scale disaster with far-reaching and damaging implications — is near, and you need to be prepared. A proactive approach to security allows you to take a major step in protecting your organization — as well as the customers you serve — from the serious consequences that would come from a breach of your OT infrastructure.
The good news from Nozomi Networks’ research ?
Defence efforts are gradually strengthening. Together, asset owners and vendors are advancing approaches to specific needs for OT cybersecurity.
According to Deloitte, the first step to the right OT cyber security strategy is to recognise the following cycle:
From that recognition, the next step is to establish governance — including mundane tasks like monitoring and updating systems. Especially since phishing and IT/OT integration will also be critical cybersecurity issues in 2023. Joint governance with senior IT leadership, security, engineering, and management personnel can provide the proper attention and security for OT systems.
September 20, 2023
September 13, 2023
September 11, 2023
September 08, 2023
September 05, 2023
August 31, 2023
August 25, 2023
Previous
Top green tech companies in Europe
Next
WEF wants international rules to increase cyber security