Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Got Critical Infrastructure? Then You Should Know How To Protect It

Both IT and OT Teams Should be Able to Quickly Access and Analyze all Data Relevant to Their Needs

Both IT and OT Teams Should be Able to Quickly Access and Analyze all Data Relevant to Their Needs

Industrial Control Systems (ICS) are key to keeping critical infrastructure such as electric grids, nuclear facilities, oil & gas refineries, wastewater treatment plants, manufacturing operations, and more running and safe. In fact, much of what underlies the goods and services being produced and offered across the globe rely on ICS in some form, whether it be in production, transport or operations. Knowing how entrenched these systems are in our working society, we have a good reason to be concerned about the security of ICS. 

The primary goal should always be safety — no injuries, damaged environments, or threats to critical infrastructure like airports. Other goals include IP protection and service availability. All of these require keeping systems running, a strong security posture and optimized resource use. Here are the top trends to look out for to make this possible.

Smart operational technology will become standard

The explosion of inexpensive devices and sensors, coupled with accessible data technology, is completely changing the industrial landscape. IoT is flooding industrial settings like manufacturing and transportation as forward-leaning organizations find innovative ways to leverage operational technology (OT) data. This connected network is automating tedious tasks, improving worker safety and freeing up resources. 

This trend calls back the introduction of mobile technology to the workforce. Much like mobile devices expanded the attack surface as “bring your own devices” (BYOD) became widespread, IoT devices and sensors are flooding industrial environments at once boosting productivity while increasing risk. It’s hard to have the former without the latter. In this light, it becomes imperative for organizations to have visibility and control across their devices that are part of the information and operational technology stacks.  

Predictive maintenance powered by machine learning takes over

Given the proliferation of smart technology across operations in industrial settings, more organizations will start embracing predictive measures to complement the preventative work they are already doing. More data points coupled with better ways of processing and visualizing that data will allow organizations to optimize maintenance cycles and resource use. With operations up and running, directors of manufacturing and operations managers can better focus on cybersecurity instead of constantly worrying about costs and safety. 

Critical infrastructure Security At the heart of this paradigm shift in maintenance and operations will be machine learning and artificial intelligence — and it will do more than alert when things are about to breakdown. For instance, anomaly detection and alert triggering built around machine learning will become increasingly seamless, allowing operation managers to focus on high-priority issues and tasks. Don’t miss the leap forward.

Regulation for manufacturers spurs on quality control and assurance

We must remember regulation and compliance, especially in industries like the automotive and healthcare. Manufacturing in these spaces has only become more complex with more stringent compliance requirements. All component, manufacturing equipment, and operator actions have to be tracked and monitored for compliance. 

The cloud and the recent explosion of Industrial IoT — the introduction of new technology and processes in general — could make compliance difficult. New technology can be a double-edged sword when it comes to meeting new standards and regulations, as new tools, processes and training are introduced. Hiccups are bound to occur so prepare and take rigorous measures to assure quality and compliance. 

Operational Technology and IT converge 

OT and IT systems in industrial environments have increasingly converged over recent years. Human Machine Interfaces (HMIs) are commonly used to send commands to field or factory equipment. Intelligent devices in OT networks are connected to IT infrastructures to enable better, faster data-driven decisions. As a result, segmentation policies has become common practice in these environments, but lack of visibility and control as more integration takes place generates risk for operational technology. Attacks can either start in IT and OT environments and move laterally. Imagine if an ICS connected to valves, gauges or equipment gets compromised and what it could entail. 

As industrial environments become more complex, data-type and data-source agnostic technologies need to be employed. Both IT and OT teams should be able to quickly access and analyze all data relevant to their needs. 

In short, ICS security is critical and will take an evolving approach to handle effectively. IoT will become the norm, smart technology will enhance operations management and execution, and technology stacks will converge as interconnectivity across systems becomes more common. Ensure you’re ready and avoid the repercussions that could arise if your industrial systems are compromised. 

Learn More at SecurityWeek’s ICS Cyber Security Conference

Written By

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

ICS/OT

Vulnerabilities in GE’s Proficy Historian product could be exploited for espionage and to cause damage and disruption in industrial environments.

ICS/OT

A hacktivist group has made bold claims regarding an attack on an ICS device, but industry professionals have questioned their claims.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

ICS/OT

Vulnerabilities in industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to OT networks.

ICS/OT

Organizations using controllers made by Rockwell Automation have been informed recently about several potentially serious vulnerabilities.

ICS/OT

Schneider Electric in recent months released patches for its EcoStruxure platform and some Modicon programmable logic controllers (PLCs) to address a critical vulnerability that...