Over the past few years, we have seen a noticeable increase in organizations wanting to improve their OT cybersecurity resilience. However, manufacturing and critical infrastructure are still challenged with the wider-scale adoption of enhanced and specialized security practices, especially in OT/ICS environments.
Learn more as Terry Sweeney, Contributing Editor at Dark Reading, sat down with TXOne Networks’ Terence Liu and Jeff DePasse at the RSA Conference 2023 to discuss the evolution of OT cybersecurity.
Question #1: Can cybersecurity frameworks that are implemented for IT also work for OT?
Conceptually, the frameworks for IT and OT are very similar. Both are focused on protecting critical components of the infrastructure based on severity and priority. However, the implementation and tactics of protecting each environment are very different due to the varying realities, challenges, and security requirements.
In OT specifically, the implementation of cyber defenses needs to account for unpatched devices, a mix of legacy and modern devices, and other numerous limitations. The critical skillsets and expertise are also not as prevalent within OT cybersecurity, but that is evolving with the OT/IT.
Question #2: Industrial cybersecurity solutions are continuing to emerge. What are some of the threats that are driving that evolution?
Two important threats that OT is faced with are the lack of basic OT cyber protections and not enough personnel to take care of cyber issues. That’s why we see ransomware attacks such as WannaCry create great losses for large companies that started off as an IT attack, bled over into OT, and then spread rapidly due to the lack of defenses on the OT network.
We are also seeing the rise of OT-specific sabotage attacks, or cyber warfare-related malware, from political actors that are targeting critical infrastructure. These attacks are typically focused on impacting the operation or causing harm to human life. Some also understand the OT environment. Effective protection requires solutions with a deep understanding of OT/ICS protocols and applications to recognize these attacks, such as those developed by TXOne Networks.
Question #3: In the next 18 months, what do you foresee as the greatest opportunities for securing OT?
The recognition of OT, its unique infrastructure, and the potentially devasting consequences of cyber incidents are important drivers in the evolution of OT security. There are many opportunities to develop partnerships and educate personnel with the skillsets to protect industrial control systems (ICS). There are also great opportunities to collaborate with top industry leaders in various markets to define security guidelines, mitigations, and effective protections for OT that others in the market can follow. One example of this is the SEMI E187 and SEMI E188 cybersecurity guidelines for the semiconductor industry.