IT and OT security are more different than most realize. IT focuses on digital systems and data, and OT concerns itself with physical systems and their interconnectivity, said Dragos CEO Robert Lee. The stark differences between IT and OT security are laid bare around vulnerability patching.
Critical infrastructure attacks during 2022 focused primarily on Eastern Europe and Ukraine given fears of reprisal from attacking the U.S., said Optiv CEO Kevin Lynch. The amount of OT security investment needed to defend against adversaries is bigger than what many organizations can handle today.
As IT and OT systems converge with the adoption of Industry 4.0, the security risk to OT systems and IoT devices is high. To secure the enterprise, organizations need network segmentation tools to scan for malicious content across the OT environment, says Ivan Issac of OPSWAT.
Offense is what paces innovation in cybersecurity since threat actors constantly look for new ways to compromise systems, said AllegisCyber Capital's Bob Ackerman. Many offensive cyber capabilities developed by the national intelligence community make their way into the wild and become exploitable.
Many infrastructures have both OT and IT systems, making data and device transfer between the two systems difficult. Also, some OT devices are outdated while IT systems use modern cloud devices. And the shortage of training is another important hurdle, said OPSWAT CEO Benny Czarny.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.
A new Food and Drug Administration policy to "refuse to accept" premarket submissions for new medical devices if they lack of cybersecurity details will help substantially improve the state of legacy devices in the future, said the FDA's Dr. Suzanne Schwartz. Here's a look at the new requirements.
More threat actors are dedicated to attacking industrial organizations, and that increasing volume and sophistication of attacks has left organizations clamoring for suppliers with expertise in safeguarding OT infrastructure, said Rockwell Automation's Mark Cristiano.
The ICS/OT community attracted high-profile attention in 2022. Headlines around the world highlighted the motivation for targeting ICS/OT and underscored the impact of disruption beyond a business and into the community it serves.
OT and SCADA security must be designed around protecting system availability, understanding OT-specific protocols and blocking attacks that target legacy systems commonly used in OT environments. CISO Hitesh Mulani of Mahindra & Mahindra shares advice on implementing OT security.
Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.
Cybersecurity will take its place alongside chemical contaminant removal as an element the U.S. Environmental Protection Agency says public water systems must mitigate. "Cyberattacks that are targeting water systems are real and a significant threat," said an EPA official.
The Biden administration has unveiled its new national cybersecurity strategy, detailing top challenges facing the U.S. and plans for addressing them. Goals include minimum security requirements for critical infrastructure sector organizations and liability for poor software development practices.
Vulnerability management and patching are major OT security challenges for security practitioners, says Alexander Antukh, CISO at AboitizPower, a leading provider of renewable energy in the Philippines. He advises fixing critical vulnerabilities first and creating a road map for better security.
Accenture has bought Morphus to get more intelligence around fraud and other cybercrimes Brazilian criminals are perpetuating in the digital world. The Morphus acquisition will help Accenture customers take on financially motivated cyber fraud and insider threats that are pervasive in Brazil.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.