Help
Help
43365members
Join Now
217820posts
Join Now

Is OT security ready for the next wave of cybercrime?

Omaelk
Administrator Administrator
Administrator
‎2020-03-04 07:23 AM
0
320
‎2020-03-04 07:23 AM

Is OT security ready for the next wave of cybercrime?

Originally published on Industry 4.0 Blog by Omaelk | March 04, 2020 04:23 PM

 

Forrester’s Predictions 2020: The Internet of Things report has an eye-opening forecast on cybercrime for the coming year – an IoT prediction that demands that we collectively consider how to strengthen OT security.

 

" We cannot close the door on connectivity’s many benefits. It’s clear that connectivity across people, assets, and systems empowers us to make full use of extracted data to improve operations and processes. "

 

This is especially true as the line between IT and OT blurs as companies sync up operations to leverage real-time monitoring, data-driven business models, cloud-based and edge analytics, digital twins of industrial processes, a seamless digital ecosystem from shop floor to back-office business processes, and more.

 

What are the common risks to OT security?

 

According to the State of Industrial Cybersecurity 2019 report, about “70% of companies surveyed consider an attack on their OT/ICS infrastructure likely.” What are some of the inherent risks to address now before these attacks manifest?

 

A wide attack landscape

Every connected device is associated with an endpoint that hackers could pinpoint to infiltrate and manipulate the entire digital ecosystem. Think about this: today’s smart factories now have hundreds —and even thousands — of connected sensors. A holistic approach to cybersecurity — from product security to supply chain protection — is imperative.

 

Legacy infrastructure with aging assets

Many of the systems that control the world’s most critical operations were installed and developed decades ago before the rise of the industrial IoT (IIoT), and they were intended for long-term use. As digitization proliferates rapidly, assessing the risk of legacy systems is critical, and an end-to-end cybersecurity plan should address both new and aging systems.

 

Targeted attacks on unique weaknesses

Unlike IT attacks, which typically aim for the biggest number of users, OT attacks tend to target a specific weakness within a single target. This approach requires specific paths of protection, as widespread defensive measures such as antiviruses are not commonly applicable or even could incapacitate the device itself. What’s more, disconnecting the affected system often is too complex in factory environments.

 

Regular exposure to third-party access

It’s very common for external vendors/field service engineers to be granted privileges to access OT devices through their own laptops and USB devices, the internet, or fully hosted environments with little control. This broader access poses risk even if there is no inherent malicious intent. The attack surface widens with each connected laptop or thumb drive.

 

 

Read more

 

Author

Omaelk

A multi-lingual Global Marketing & Digital Communication/Community Management specialist, mostly involved in Sales enablement & Digital transformation. Born in Morocco, grown up in France, studied in England, worked in the US, I like to consider myself as a world citizen who treasures relationship building, intellectual curiosity & learning agility.

Support

Have a question? Please contact us with details, and we will respond.

Contact Us
FAQ

Look through existing questions to find popular answers.

Learn More
About

Want to know more about Exchange and its possibilities?

Learn More