Operational Technology (OT) -also known as industrial control systems (ICS) and supervisory control and data acquisition (SCADA)- is pivotal as it allows us to live the 21st-century life we are used to.
The ability to have everything we need (and want) relies on a vast network of industrial facilities, some of them as big as a city and others, as small as a network cabinet. This means that we are surrounded by a world of possibilities and capabilities as vast as we can imagine.
Our society depends on OT for the reliable and stable delivery of essential services, such as energy, water and transportation, as well as other crucial requirements.
Therefore, security becomes essential when talking about the OT realm, especially when there is a possibility of a harmful impact spreading in a very short timeframe.
For a long time, cybersecurity in these environments was not adequately addressed by the manufacturing site management nor by the cybersecurity industry. Today, even after the exponential growth of cyber-attacks, security solutions have not been developed fast. There is still a big gap that needs to be addressed when it comes to securing such a challenging environment, creating a unique opportunity that requires innovation and familiarity with the OT domain.
Threats, vulnerabilities, and risks
OT environments are by nature exposed to risks and threats as we see more and more industrial organizations emerging from Industry 3.0 to Industry 4.0.
In recent years we have seen an exponential increase of attack on OT, including Stuxnet, Dark Energy, and many others. The attack agents are abusing the existent vulnerabilities and the lack of know-how and understanding of what makes this environment so unique. This is also a primary challenge.
First, it is important to mention that vulnerabilities unique to ICS are poorly understood, especially when we compare it to the extensive amount of research around IT vulnerabilities. They can be found in the context of:
- lack of enterprise risk management (ERM) practices
- exercises and/or documentation, RACI matrix, or management engagement
- lack of network segregation between IT and ICS networks
- weak remote access procedures
- incident detection, response, and reporting procedure
Second, we need to understand that OT environments rely on 2 main paradigms: ‘Safety comes first’ and ‘If it is working, do not touch it’. Therefore, we are talking of environments with (and not only) unpatched systems, obsolete OS, lack of visibility and many other challenges, creating a unique domain to work with.
For most professional operating in this field, many of the tasks rapidly become heavy tasks. These are the primary challenges:
- Lack of professional workforce who understands both OT & IT
- Lack of communication between OT & IT staff in general and due to the language differences
- Maturity of security controls
- Risk avoidance closure which is inherent within the environment
At Atos, we are aware that to implement cybersecurity controls and measures within this domain, we need to first, understand the unique nature of the environment, its vulnerabilities and the possible associated risks. By combining our knowledge with our products and services, we can help our customers to secure their valuable assets and their systems.
The implementation of an industrial security program must provide a balanced and objective evaluation of risks in terms of threats and vulnerabilities and its consequences while aligning with the industrial short- and long-term objectives. By working together with our customers, we can help build a more secure and safer industrial environment while enhancing their productivity and operations.
To secure environments that are not inherently secured is not always easy and does not start by just adding security controls. It is about prioritizing the most critical processes, systems and potential sources of attacks or vulnerabilities. Security is about identifying, managing and setting up a strategy.
With their digital transformation, utilities companies can be targeted by hackers on a very large attack surface.
Discover how to tackle it in this white paper.
The multiplicity of actors in the utilities’ industry, combined with the digitalization of the production, transport and distribution infrastructures, are weakening the world of energy.
How to tackle utilities cyber threats and where to start?
Interested in next publications?
Register to our newsletter and receive a notification when there are new articles.