The 2023 Threat Report – At a Glance
Cyber attacks impacting physical operations or causing shut-downs are on the rise. Industrial operators must be aware of recent attacks and their rate of growth to prepare themselves going forward.
Operational Technology (OT) security involves safeguarding critical infrastructure and industrial control systems in industries such as energy, transportation, and manufacturing. The primary objective of OT security is to defend against cyberattacks that can endanger the safety, reliability and efficiency of these systems, resulting in physical harm, downtime, and financial damages.
OT security has gained increased relevance due to the continuous integration of OT systems with Information Technology (IT) systems, which handle the management of information and data. To ensure the security of these integrated systems, it is essential to implement dedicated OT security policies, without the bias of the IT security practice.
This is why OT security practitioners rely on OT security standards such as IEC 62443, NIST 800-82 and ANSSI instead of only IT standards such as ISO 27001, which focus on data protection. Even then, the number of attacks that disable or shut down industrial systems has risen dramatically in recent years. In 2021, of 64 incidents reported in OT networks, 22 were cyber attacks with physical consequences. These attacks represent a 144% increase over such incidents in 2020.
OT security is best aligned with physical risks and best focussed on securing physical operations. The deteriorating threat environment has sparked the emergence of new methodologies and practices for OT security. One such approach is Secure Operations Technology (SEC-OT), which places a strong emphasis on securing physical operations. The methodology offers practical guidelines for protecting networks critical to control, limiting the impact of cyber-attacks by monitoring and managing information flows between IT and OT, and identifying residual risks by assessing attack types and consequences that are not reliably defeated by current security measures.
Another new strategy, still in its infancy, is the National Cyber-Informed Engineering (CIE) Strategy announced by the US Department of Energy. The goal of this strategy is to harness the expertise of engineers in industrial systems to minimize the risk posed by an intelligent adversary. The focus is on engineering-grade solutions for managing cyber risk to physical operations, rather than adding IT-driven tools to OT systems after the fact to try to mitigate risks to some lesser degree.
Finally, Unidirectional Gateways are playing a crucial role in the domains of OT security and cybersecurity engineering. The gateways are widely adopted in OT security plans to establish strong segmentation for industrial control networks in various industries, including power generation, rail systems, and petrochemical pipelines. In contrast to firewalls, which only reduce the impact of attacks, Unidirectional Gateways completely eliminate the threat of external cyberattacks like targeted ransomware.
Beyond the basics, Article 21 of NIS2 states that entities “shall ensure a level of security of network and information systems appropriate to the risks posed.” In this context, we will now examine how NIS2 should be applied to OT systems according to standard focus texts, such as the upcoming Network Security Codes for Electricity in Europe, and what this means for compliance.
NERC CIP, the new TSA pipeline and rail directives and other regulations can be very expensive – to comply with and to prove to an auditor that you comply. Kathryn Wagner of Assurx joins us to look at what and how we can automate this process to save time and money.
When it comes to industrial risk, where does “Cyber” fit into the big picture? Dr Janaka Ruwanpura helps us understand some of the ways such risks are managed and how such risk is assigned a category.
OT systems are critical to mining safety. Rob Labbe, the chair of the Metals and Mining ISAC, joins us to look at six steps to integrating IT & OT networks and security programs in this very sensitive environment.
Managing cyber risk takes different approaches and expertise depending on the potential consequences of compromise to a particular system. This is why it is important to delve into the distinction and importance of an engineering-centric approach to managing OT cyber risk.