By John Pozoglou, Founder and CEO, FuturePlace
We take it for granted that we can just flip a switch to get a light and turn on a tap to get water, but the infrastructure that makes this possible is extremely complex and requires significant digital capability.
For example, to meet consumer demand cycles, a power grid must create exactly the amount of electricity that is being used at any given moment.
This means the grid’s power generation and transmission lines must constantly adjust to meet demand wherever and whenever needed. Managing this electrical cycle of demand is made possible by electrical utilities’ operational technology (OT) systems.
The real-time control and influence these systems have on our day-to-day lives only amplifies the need for strong OT security.
The last couple of years have reinforced this need. Critical infrastructure has become a more regular target for criminals, who are going after everything from power grids to buildings and public transport.
Although these targets aren’t necessarily new, what is new is that the attacks stopped being just a physical security problem and became a major cybersecurity problem too.
The good news is that there’s now much wider recognition of this fact, and action is being taken by both government regulators and infrastructure owners.
To truly tackle this challenge head-on, cyber and physical security (OT/IT) need to be addressed together in ways they previously haven’t. Many countries, including Australia, have introduced legislation to protect critical infrastructure from cyber threats. The recent revisions to the Security Legislation Amendment (Critical Infrastructure) Act 2021 represent the Federal Government’s response to the increased threat faced by critical infrastructure organisations.
Major consequences
It’s easy to understand why OT and critical infrastructure have become a major target.
Because OT systems power critical infrastructure for industries such as electricity, oil, water and more, there are persistent concerns about the potential for cyber attacks carrying real-world consequences.
The most severe attacks are unlikely to occur for several reasons, including industrial fail-safes, the risk of geopolitical escalation, and the immense value OT settings have for both cyberespionage and ransomware. However, cyberattacks on OT and critical infrastructure are still quite damaging, even if they fall short of a worst-case scenario.
According to the July 2022 report from Barracuda Networks on industrial security, 94 per cent of organisations reported experiencing a security incident in the previous 12 months. Among these organisations, over 60 per cent said their most significant security incident resulted in downtime of two days or longer.
According to a similar report released by Trend Micro in June 2022, “nine out of ten organisations have had their production or energy supply impacted by cyberattacks in the last 12 months”.
In Claroty’s 2021 report covering the state of ICS/OT security, 80 per cent of respondent organisations had experienced a cyberattack, with 47 per cent reporting an impact on their ICS/OT environments.
It is perhaps because of these damaging attacks that decision makers and boardrooms are taking notice of OT security.
Taking action on the cyber front
The key is to be proactive: compared with the damage caused by cyber attacks, the costs of security readiness (upfront investment, security, and proactive incident response planning) are significantly lower. The average cost of a data breach in enterprise environments is more than $4 million, but in operational technology, that cost can be significantly greater since manufacturing and supply chain issues come into play.
Organisations must consider “what if” scenarios – for example, how much will it cost if an energy network is down for eight hours as opposed to two days? It helps to put such risks into perspective and recognise that paying for security up front results in significantly lower costs.
A zero-trust security approach is a good initial step to take as enterprises can no longer assume that a device should have access to everything just because it is linked to the network.
By never trusting and always verifying, a zero-trust solution makes sure that users have access to only the resources that are essential for their role. Limiting access is crucial, especially as OT personnel become increasingly dispersed and remote, and as IT and OT convergence continues.
A collaborative approach
All indicators suggest the risk of cyber attacks will continue to increase. To effectively secure mission-critical OT, organisations need to take a proactive approach and implement tools and strategies to combat these challenges.
The Cybersecurity for Infrastructure Assets Summit in June 2023 will bring together over 200 senior executives to discuss strategies and find solutions for achieving operational integrity and cyber-resilience.
This sponsored editorial is brought to you by FuturePlace. For more information, visit futureplace.tech.