ICS Cybersecurity

Report post

ICO cybersecurity talks are increasing within the sector as more and more ICS assets are now connected to the internet directly (2million assets and counting) and as the cyber threats evolve, cyber resilience and security at the asset level is becoming more and more important for organisations. Can the critical infrastructure rely on IT-centric security measures? What are the positives/negatives of the IT/OT merge?

Share this post


Link to post
Share on other sites

Report post

@BTabar The benefits of bringing IT and OT together are simply too great to ignore. Although it may be a slow transition, the transition is inevitable.

Merging these two areas requires well-defined, scalable standards that span from assets to data centers and vice-versa. It’s also crucial that these standards are secure, otherwise critical and expensive operational assets can be vulnerable.

Share this post


Link to post
Share on other sites

Report post

@CMOP, I couldn't agree more. I do think the merge between OT and IT should have taken place a long time ago and not after the attacks toward OT assets have increased this much. 

What I find is that there is an ignorance toward OT cyber threats and companies still think that their assets are 'air-gapped' although it is becoming more apparent that air-gap is also disappearing. I genuinely am concerned that the realisation is going to be painful and costly.  

Share this post


Link to post
Share on other sites

Report post

@BTabar. Unfortunately it will be a painful for most companies. However, it will be necessary going forward. With the Industrial Internet of Things rising in factories across the world - the age of future of factories is quickly developing and here to stay. 

Look at Tesla for example - how many issues have they had in the past couple years. 

Share this post


Link to post
Share on other sites

Report post

I think the cybersecurity for operational technology starts with a visible and accurate inventory. If you don't know what you have, it's a lot harder to protect it. I find so many companies regardless how big or small they are, are using a very manual process to gather inventory, I mean engineers going around the sites with a clipboard writing makes and models of the assets etc. 

Once this is addressed, cybersecurity should be a matter of implementing a blanket over everything there is to protect.

But then maybe it's just me...

Share this post


Link to post
Share on other sites

Report post

@BTabar - it's going to have to start somewhere. I'd argue the majority of factories and companies still go around with a clipboard. 

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now