The convergence of operational technology (OT) and IT in industrial environments offers numerous tangible benefits, and when 4IR technologies are added to the mix, the sky is the limit. However the above proliferation has also opened operational systems to cyberattacks traditionally reserved for IT. Unfortunately, many organisations still have a lot of work to do to ensure they do not become the next name in a long list of cybercrime victims.
A recent Claroty global survey confirms the above. The report surveyed 1100 IT and OT security professionals, and revealed that 80% of the respondents had fallen victim to ransomware attacks targeting critical infrastructure. The reality is that unless data centre managers start reducing risks to OT systems, the abovementioned statistics will become the tip of the iceberg. TechMonitor estimates that global cost of cybercrime will reach $10,5 trillion by 2025.
The target on OT’s back
OT infrastructure forms an integral part of data centre environments, delivering important functionality to critical services and industries such as energy and utilities, water and wastewater, and transportation. Data centres exist at the interaction of IT and OT and this can expose them to additional cybersecurity threats. This interplay between IT and OT becomes even more personal with the adoption of 4IR, driven by digitalisation. The increased exposure of OT environments to cyber dangers is an unfortunate side effect of digitalisation. The addition of digital applications and IoT connections to capture and analyse data from OT equipment has widened the cyberattack surface. Furthermore, industrial operations continue to rely on legacy equipment that was not designed for protection against cyber dangers. These issues create vulnerabilities that threat actors are only too happy to explore. Sponsored hacker groups are of particular concern, as they may choose high profile, critical infrastructure targets.
Hardening infrastructure
Fortunately, there are numerous ways of safeguarding OT systems and the data centres they reside in against cyberattacks. However it requires investment and commitment across the entire organisational structure. OT cyber defences require a multi-layered, integrated approach that considers the environment’s vulnerabilities and addresses internal and external threats. Here, it is important to update processes and security as technology evolves.
Global standards can also provide valuable guidance in best operational practices. The IEC 62443-2-4 standard specifies security capability requirements for integration, operational and maintenance for deployed devices, systems, and network components. It provides a comprehensive set of cybersecurity standards for industrial automation and control systems that can be applied to the data centre’s critical infrastructure.
Organisations grappling with how best to secure their OT environments can also partner with technology and service providers that offer decades of experience and sophisticated cybersecurity solutions to address vulnerabilities, whilst improving efficiencies. For example, Schneider Electric’s Cybersecurity Application Platform (CAP) provides an integrated cybersecurity solution, enabling operations teams to have real-time visibility of their cybersecurity environment, while reducing the complexity of OT environments. Schneider Electric has also developed partnerships with leading technology vendors, including a collaboration with OT cybersecurity leader, Claroty.
| Tel: | +27 11 254 6400 |
| Email: | [email protected] |
| www: | www.se.com/za/en/ |
| Articles: | More information and articles about Schneider Electric South Africa |
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version