Is OT security ready for the next wave of cybercrime?


Forrester’s Predictions 2020: The Internet of Things report has an eye-opening forecast on cybercrime for the coming year – an IoT prediction that demands that we collectively consider how to strengthen OT security.

We cannot close the door on connectivity’s many benefits. It’s clear that connectivity across people, assets, and systems empowers us to make full use of extracted data to improve operations and processes.

This is especially true as the line between IT and OT blurs and companies sync up operations to leverage real-time monitoring, data-driven business models, cloud-based and edge analytics, digital twins of industrial processes, a seamless digital ecosystem from shop floor to back-office business processes, and more.

What are the common risks to OT security?

According to the State of Industrial Cybersecurity 2019 report, about “70% of companies surveyed consider an attack on their OT/ICS infrastructure likely.” What are some of the inherent risks to address now before these attacks manifest?

A wide attack surface: OT threat landscape

Every connected device is associated with an endpoint that hackers could pinpoint to infiltrate and manipulate the entire digital ecosystem. Think about this: today’s smart factories now have hundreds, and even thousands, of connected sensors. A holistic approach to IIoT cybersecurity, from product security to supply chain protection, is imperative.


Legacy infrastructure with aging assets

Many of the systems that control the world’s most critical operations were installed and developed decades ago before the rise of the industrial IoT (IIoT), and they were intended for long-term use. As digitization proliferates rapidly, assessing the risk of legacy systems is critical, and an end-to-end cybersecurity plan should address both new and aging systems.

Targeted attacks on unique weaknesses

Unlike IT attacks, which typically aim for the biggest number of users, OT attacks tend to target a specific weakness within a single target. This approach requires specific paths of protection, as widespread defensive measures such as antivirus software are not commonly applicable or could even incapacitate the device itself. What’s more, disconnecting the affected system is often too complex in factory environments.

Regular exposure to third-party access

It’s very common for external vendors/field service engineers to be granted privileges to access OT devices through their own laptops and USB devices, the internet, or fully hosted environments with little control. This broader access poses risk even if there is no inherent malicious intent. The attack surface widens with each connected laptop or thumb drive.

Securing the OT environment

With such nuanced OT risks, it is essential to move from reaction to proactive planning and prevention, specifically to strengthen industrial cybersecurity. The risk to uptime and availability and, more urgently, to worker and public safety is too great to ignore.

Some recommended steps include the following:

  • Network segmentation;
  • Policies for people and operating models;
  • Plans and measures to avoid the cascading effect;
  • Securing legacy infrastructure; and
  • Adopting shared responsibility.

According to a recent Accenture survey, 79% of CEOs say that their organization is “adopting new and emerging technologies faster than they can address related security issues.” Learn in this new OT security white paper how to make sure your cybersecurity strategy can stay steps ahead.

Protecting OT infrastructure via collaboration

One of the key measures of prevention is response. What are the lessons learned from any and every attack, and how can we fortify the digital ecosystem as a result? The WannaCry ransomware attack in 2017, for example, was startling well beyond the incident, as it ultimately revealed that all industrial players needed to work together to ensure a path to safety in the OT world across the entire digital ecosystem. The need for ardent collaboration prompted Schneider Electric to become a founding member of the ISA Global Cybersecurity Alliance, as well as the Cybersecurity Coalition.

Fortifying OT security

Only together can we raise the bar on protecting industry at large and strengthen collective trust among players in the digital economy as industrial players pursue the many benefits of the IIoT. For the coming year and beyond, commitment and collaboration are the foundation of a strong industrial security posture for business-critical infrastructure.

Download “Securing Operational Technology (OT) – Addressing digital risks in business-critical infrastructures” to learn more about:

  • What are the common OT risks?
  • How to address them?
  • How to raise the bar of OT security via collaboration and partnerships?
  • Improving the security of industry with cybersecurity training and services


This article was written by Christophe Blassiau and was originally published here. An experienced leader in digital transformation at a worldwide scale, Christophe is currently leading Digital Security at Schneider Electric as Chief Information Security Officer (CISO). He’s passionate about speed and digital, and aims for a global positive impact on our planet by combining Digital & Cybersecurity.