The convergency of OT (operational technology) and IT in industrial environments offers numerous and tangible benefits. Plus, when 4IR technologies are added to the mix, the sky becomes the proverbial limit.
By Hennie Colyn, direct sales executive Process Automation at Schneider Electric
However, the above proliferation has also opened operational systems to cyberattacks, traditionally reserved for IT. And unfortunately, numerous organisations still have a lot of work to do to ensure they don’t become the next name in a long list of cybercrime victims.
A recent Claroty global survey confirms the above. The report surveyed 1 100 IT and OT security professionals and revealed that 80% of the respondents had fallen victim to ransomware attacks targeting critical infrastructure.
The reality is that unless datacentre managers start reducing risks to OT systems, the abovementioned statistics will become the tip of the iceberg. In fact, TechMonitor estimates that global cost of cybercrime will reach $10,5-trillion by 2025.
The target on OT’s back
OT infrastructure forms an integral part of datacentre environments, delivering important functionality to critical services and industries such as energy and utilities, water and wastewater (WWW) plants, and transportation.
Datacentres exist at the interaction of IT and OT which can expose it to additional cybersecurity threats. And this interplay between IT and OT becomes even more personal with the adoption of 4IR, driven by digitalisation.
The increased exposure of OT environments to cyber dangers is an unfortunate side effect of digitalisation. The addition of digital applications and IoT connections to capture and analyse data from OT equipment has widened the cyberattack surface.
Furthermore, industrial operations continue to rely on legacy equipment that wasn’t designed with protection against cyber dangers.
These issues create vulnerabilities that threat actors are only too happy to explore. Sponsored hacker groups are of particular concern as they may choose high-profile, critical infrastructure targets.
Hardening infrastructure
Fortunately, there are numerous ways of safeguarding OT systems and the datacentres it resides in against cyberattacks. However, it requires investment and commitment across the entire organisational structure.
For one, OT cyber defences require a multi-layered, integrated approach that considers the environment’s vulnerabilities and addresses internal and external threats. Here it is important update processes and security as technology evolves.
Global standards can also provide valuable guidance in best operational practices. The IEC 62443-2-4 standard specifies security capability requirements for integration, operational, and maintenance for deployed devices, systems, and network components. It provides a comprehensive set of cybersecurity standards for industrial automation and control systems that can be applied to the datacentre’s critical infrastructure.
Organisations grappling with how best to secure their OT environments can also partner with technology and service providers that offer decades of experience and sophisticated cybersecurity solutions to address vulnerabilities whilst improving efficiencies.