Industrial (technically known as Operation Technology, OT) networks attacks give far greater cause for concern. OT is hardware and software that monitors and controls industrial equipment and processes. It is found in facilities that manages energy generation, chemical processing, as well as automated manufacturing, pharmaceutical processing, and defence networks. When an industrial control system (ICS) is successfully targeted, serious damage to critical infrastructure and the environment are very real possibilities, as is threat to life.
There are a growing number of incidents that demonstrate the impact of unauthorised access to an ICS. In December 2015, part of Ukraine’s central grid was taken offline for six hours when hackers were able to remotely access the supervisory control and data acquisition (SCADA) system of a regional electricity company. Thirty substations were switched off during the attack, leaving some 230,000 people without electricity or heating.[Source: https://ics.sans.org/media/E-ISAC_SANS_Ukraine_DUC_5.pdf1]
IT/OT Convergence
Previously, IT and OT have remained separate department with their own processes and structures. The IT/OT convergence is seen as a key enabler for industrial initiatives – such as open process automation, IIoT or Industry 4.0 – and plays an important role in an organisation’s digital transformation strategy. However, IIoT, while it entails a move over to open-source operating system and adoption of standard communication protocols, is making it easier for bad actors to reach ICS.
Industrial companies are struggling to safeguard Industrial assets – many try to use the same IT tools to safeguard the Operation Technology infrastructure. However, the IT teams is unable to keep up with growing volumes of security data or the increasing number of security alerts as they lack the right level of visibility and threat intelligence analysis and don’t have the right staff and skills to handle the cybersecurity workload.
Organizations are facing increasing operational risks as cyber threat actors shift focus from the Information Technology networks that run business systems to the Operational Technology networks that control industrial operations. The next step for industrial companies is to proactively prevent operational disruptions that could impact our critical infrastructure. Don't join the list of organizations that don’t realize that they have been hacked until it’s too late.
The Need for Industrial Cyber Security
Digital Transformation Accelerated
Need for better cyber security for remote work force, Cloud and increased count of IoT & mobile devices
Legacy ICS/OT Infrastructure
Need to manage cyber risk without replacing existing ICS assets
Increased Cyber Security Attacks
Need better cyber security and protection from highly motivated ransomware and geopolitical attacks