Security for operational technology (OT) is steadily gaining attention. Most chief information officers (CIOs) / chief information security officers (CISOs) have recognized by now that simply duplicating security measures from information technology (IT) to OT is not achievable given the limitations and different environments. As hackers go beyond the common attack approaches found in the IT world, the targeted attack in OT becomes tougher to maintain.
Threat research data from both publicly and privately funded sources tells the same story: OT-focused attacks are becoming more prevalent. Although statistical data never reveals the future in terms of hacking targets and approaches, insider knowledge coupled with field observations does give us a forecast for OT cybersecurity trends in 2023.
Although most successful attacks that occurred in OT environments were copied from the IT world, we cannot deny the upward trend of attacks using OT-specific protocols. The ability to identify and correlate between the IT and OT attackers’ footprints will be the reference point for security vendors to work from in 2023 and thereafter.
State-sponsored hacker activities will go even further than mercenary groups because they are pursuing returns beyond financial gain. Critical infrastructure is, and will continue to be, highly targeted. Among all the public-sector entities that our company’s research lab monitored, probing/hacking directly against governmental bodies accounted for 48 percent of the traffic. At the time of writing, this trend remains consistent. Targeted attacks require more vertical-specific tools that serve different purposes and, therefore, require different countermeasures.
With the heightened awareness of how crucial cybersecurity is in the OT space, the challenge of deploying security lies in how to manage it. In 2022, we saw some unfamiliar job titles and departments appear at the corporate level to supervise and manage security matters across the OT/IT boundary. This will continue to happen. Such organization-wide changes will bridge the gap between security recognition and reality. In our 2022 survey on OT security, 72 percent of the 900 respondents indicated their organization had been disrupted by a security issue more than five times within a year, but, in general, they couldn’t identify whether these disruptions stemmed from IT or OT. Only those involved to some degree in both IT and OT security were capable of answering that question.
Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR) types of services play important roles in IT to discover unknown threats with predictive intelligence. But they are not quite up to par for OT until they can drastically filter out the noise of false positives and other managerial hassles, as OT cybersecurity teams are often understaffed. Previously, active protection was not widely adopted in OT because of the heavy system footprint, internet dependency and compatibility issues with legacy operating systems such as Windows XP. Now that OT security is finally in the spotlight, more security vendors will collaborate to tailor their products for OT. Plus, active protection is the most effective way to prevent traditional viruses and worms, which are still popular attack vectors around the world.
While the raider group is seeking more advanced security implementations, the survivor group is still struggling with the resources to maintain basic protection. In keeping with the adage of winner takes all, we see powerful organizations enforcing OT security upon the entire supply chain of a vertical. The raiders know what to do and take the lead for other industry counterparts, while the survivors can only do their best to keep up. For example, the Taiwan Semiconductor Manufacturing Company (TSMC) was a game-changing raider group that not only played a major role in establishing the specifications for fab equipment cybersecurity (SEMI E187) but also strongly influenced the industry to adopt these specifications.
OT security adoption and awareness is reaching new heights, due to both the Biden administration’s allocating $11 billion toward civilian cybersecurity spending and the collateral effects from other public domains. Private domains such as critical infrastructure and strategic, nation-sponsored industries will push for enforcement of security, mainly through regulations and standards to make sure that its execution can be identical in quality and level of confidence around the globe.
Digital transformation is an unstoppable trend. Most people working in the OT field are under immense pressure to go smart, and that will eventually involve more interconnected devices in the field and more intelligence gathered from cloud technologies.
Organizations in 2023 will most likely need to move forward with a mixture of legacy and modern devices, as well as a mixture of network adoption methods for various organizational missions. With that being said, a multi-layered security deployment approach needs to be applied to ensure every asset is covered throughout its entire lifecycle so that none of them inadvertently becomes a major weakness of the organization.
Terence Liu is the chief executive officer of TXOne Networks, which offers cybersecurity solutions.