Industrial and critical infrastructures are adopting the Internet of Things (IoT) at an unprecedented rate. While digital transformation in operational technology (OT) can optimise production, drive innovation and increase efficiency, it also increases exposure to cyber threats. Without proper OT cyber security, OT devices are highly exposed to cyber risk. Organisations therefore face many OT security challenges in ensuring that their OT devices are well protected from cyber risks. The OT security challenges include:
Lack of security knowledge and awareness
The introduction of connectivity technologies into the OT industrial environment requires up-to-date skills. However, the rapid growth of these technologies creates a large gap in OT security awareness: the OT teams do not clearly understand cyber security, while the IT teams do not understand operations. Additionally, human error is one of the major causes of cyber risk. The errors can be as simple as installing the wrong software. Employees' lack of awareness of OT security on OT devices can increase the attack surface.
“You can read the news across the globe and you will notice ransomware attacks from time to time. We still see how they enter big corporations or production facilities; sometimes it can be as simple as inserting an infected thumb drive or acting on a phishing email and becoming a victim of it. It is important for cybersecurity awareness training to cover front-line and factory-level workers and employees as well,” comments Vincent Lim, E-SPIN Group subject matter expert and consultant.
Lack of security policies and specific incident response plan
Generally, the OT environment has limited or no visibility of potential vulnerabilities, network traffic and security management. Moreover, organisations focus more on operations and cost than on security risk, which results in a lack of risk mitigation and limited patching. Most cyber security surveys find that a lot of organisations do not have security policies and a specific incident response plan. Without a specific response plan for cyberattacks, an organisation becomes more vulnerable and more exposed to catastrophic security incident impacts.
Third-party and remote access
Most organisations allow their employees or third-party support vendors to access the ICS assets remotely, either via VPN-based remote access or dial-up modem access. This enlarges the attack surface, since the remote access service does not provide multi-factor authentication and lacks strong logical access and privileged access management to manage third-party staff. In addition, the service is unable to detect malicious activities that occur through the remote access channel.
To conclude, without proper risk-based cyber security management, every organisation that undergoes IT/OT convergence is highly vulnerable to cyberattacks and cyber threats.
E-SPIN has been active in the cyber exposure business since 2005, helping enterprise and government customers with various projects and solutions in this solution domain. Please feel free to contact E-SPIN for your cyber exposure (risk, asset, vulnerability and threat management) needs so we can help you with the exact requirements for packaged solutions that you may require for your operation or project needs.