EP&T: Protecting converged IT/OT environments from cyber threats
Security and business leaders require alignment
With the rise of digitized manufacturing and industrial internet of things (IIoT), the attack surface has expanded, converging the worlds of IT and operational technology (OT), while introducing new attack vectors that have allowed cyber threats to grow at alarming rates. CISA recently warned about vulnerabilities in motion sensors in robotic controllers, commonly used in the critical manufacturing and healthcare sectors, and issued an advisory warning of rising threats to OT and control systems as OT assets become internet accessible.
In recent years we’ve seen a number of similar attacks, including the EKANS ransomware earlier this year that was designed to target industrial control systems. Despite the constant warnings and evidence of ongoing attacks, security teams often face challenges in aligning leadership to confront the issue of cyber risk.
The reality is that cyberattacks such as those designed to steal IP, disable networks or sabotage equipment can have serious consequences on critical infrastructure and essential services for entire countries. The pandemic has underscored this threat as the heightened reliance on essential services continues to pique cybercriminals’ interests. In fact, a recent study conducted by Forrester Consulting on behalf of Tenable found that, over the past year, 65% of organizations in the U.S. suffered business-impacting cyberattacks or compromises that involved OT systems. For these environments, bolting on a security solution alone is only fighting half of the battle.