Headlines around the world are filled with reports of cyber attacks, large scale financial crimes and threats to national security. But the news is also full of great innovations.
Headlines around the world are filled with reports of cyber attacks, large scale financial crimes and threats to national security. But the news is also full of great innovations - ways technology can create breakthroughs which improve our productivity, our health and our future prosperity.
Organisations which depend heavily on industrial automation are at an inflection point, the winners will share and exploit all data in their enterprise, make better decisions and increase productivity, energy efficiency and safe operations.
We find ourselves in the midst of a new industrial revolution. Powered by the recognition of significant business benefits of converging the previously separate worlds of Internet Protocol-based IT and Operational Technology - the hyper-connected Industrial Enterprise is a very concrete reality.
Integrating innovative technology
With this revolution underway and an increasing awareness of the possibilities that this bright and exciting industrial future offers, industry professionals the world-over are becoming motivated to explore the best (and safest) path to convergence.
When treading new paths and integrating innovative technology, it’s important to be fully aware of the potential risks and obstacles that lie in wait. Hyper-connectivity has also opened up a new environment for security threats.
Cyber Security for industrial organisations is as much about safeguarding the physical well being of the company and its employees as it is about financial health – an attack that starts in cyber space can have devastating consequences in the physical world. As such, a full and accurate understanding of these risks is of the utmost importance.
Two initial factors that an organisation must consider are:
- The source and motivation behind possible cyber attacks
- The targets and methods of possible cyber attacks.
Let us consider the first of these.
For industrial organisations evaluating the risk posed by cyber attack, an intelligent examination of potential sources from which an attack might originate is a good place to start. This is not about scaremongering; analysis based on solid threat intelligence ensures that both probability and impact can be assessed and more sensible, pragmatic steps taken to mitigate the risk. However, it is also worth noting the threat of cyber-attack posed to industrial organisations exists inside and out…
The Malicious Insider - As IT managers know only too well, many ‘attacks’ are often perpetrated by a trusted insider who uses his expert knowledge and corporate authorisation to manipulate systems to carry out their personal commands. The insider threat poses as much risk to OT as to IT.
The Accidental Insider – The quest for greater efficiency and productivity combined with a lack of security awareness can open up new avenues for an accidental introduction of malicious code. However, as well as the threat from malicious cyber attacks, systems and data can also be threatened by security applications themselves, legitimate testing or unauthorised configuration changes. The great sensitivity of OT to factors such as latency in the system, regardless of its cause, requires precise knowledge and understanding of how security solutions (for example) might affect a system.
External Actors – Malware or commands issued by a cyber-intruder to negatively impact Operational Technology and systems. The driving purpose behind such malicious external attacks is typically to survey critical systems, steal intellectual property or disrupt industrial processes to satiate numerous varied motivations.
In order to effectively plan for and manage the risk of cyber attack posed by a wide range of sources, organisations need to take a well-informed, pragmatic approach to develop a realistic risk analysis of possible cyber-threats originating both inside and out.
Download the full whitepaper exploring the risks associated with the convergence of IT and OT to learn more or see my next post where we will explore the identification of potential targets within OT and Industrial Control Systems and the routes of penetration which a cyber-attack might seek to exploit.