Critical infrastructure cybersecurity begins with reversing years of neglect

This article originally appeared in Industrial Equipment News.

As companies increasingly transition to cloud and 5G in pursuit of the fourth industrial revolution, threat actors are waging malicious campaigns against U.S. critical infrastructure.

Operational technology (OT) is a significant component in critical infrastructure, yet recent high-profile attacks are a reminder that traditional cybersecurity strategies are falling short. A security team that lacks visibility cannot fully understand its exposed vulnerabilities or protect its attack surface. Since the threat landscape is continually evolving, this myopia directly reduces an organization’s cyber resilience and ability to remediate risks. Even using and managing a dedicated OT firewall isn’t enough.

Working together

Success will require collaboration between IT and OT functions, with holistic risk management across OT environments as the end goal. Getting there means executing the following steps:

  • Collect passive data from the OT environment’s networking and security technologies.
  • Establish a complete network model encompassing IT and OT.
  • Employ path analysis to understand all IT and OT connectivity, including how risks can impact either environment or traverse one to reach the other.
  • Establish and enforce an access compliance policy to ensure only authorized systems can access mission-critical environments and assets.
  • Prioritize remediation of OT vulnerabilities based on exposure while identifying alternative measures for mitigation, as sometimes needed for legacy equipment.

"CISOs must be ruthlessly pragmatic about first addressing the security weaknesses with the highest risk of an attack."
Bill Rowan | Skybox Security Technical Director
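
The steps listed above can be sketched on a small combined IT/OT model. The following is an added example, not code from the article or from any vendor product: it runs path analysis from an untrusted source, checks permitted flows against an access compliance policy, and orders findings by exposure. The zone names, flows, policy and `VULN-*` findings are all constructed for illustration.

```python
from collections import deque

# Constructed model (all names hypothetical): zone -> zones it may initiate traffic to,
# as derived from collected firewall and router configurations.
FLOWS = {
    "internet": ["dmz"],
    "dmz": ["corp_it"],
    "corp_it": ["historian", "eng_workstation"],
    "historian": ["scada"],
    "eng_workstation": ["plc_line1"],
    "scada": ["plc_line1", "plc_line2"],
    "plc_line1": [], "plc_line2": [], "safety_sis": [],
}
# Access compliance policy: OT zone -> source zones authorized to reach it directly.
POLICY = {
    "historian": {"corp_it"}, "eng_workstation": set(), "scada": {"historian"},
    "plc_line1": {"scada"}, "plc_line2": {"scada"}, "safety_sis": set(),
}
# Constructed findings: (placeholder id, zone, severity 0-10).
VULNS = [("VULN-A", "plc_line2", 9.8), ("VULN-B", "eng_workstation", 7.5),
         ("VULN-C", "plc_line1", 8.1), ("VULN-D", "historian", 6.0),
         ("VULN-E", "safety_sis", 9.0)]

def shortest_paths(source, flows):
    """Breadth-first path analysis: zone -> shortest permitted path from source."""
    paths, queue = {source: [source]}, deque([source])
    while queue:
        zone = queue.popleft()
        for nxt in flows.get(zone, []):
            if nxt not in paths:
                paths[nxt] = paths[zone] + [nxt]
                queue.append(nxt)
    return paths

def policy_violations(flows, policy):
    """Permitted flows into a policy-covered zone from a source the policy does not authorize."""
    return sorted((src, dst) for src, dsts in flows.items()
                  for dst in dsts if dst in policy and src not in policy[dst])

def prioritize(vulns, paths):
    """Rank by exposure: fewest hops from the untrusted source first, then severity;
    zones with no path at all go last."""
    def key(v):
        path = paths.get(v[1])
        return (path is None, len(path) if path else 0, -v[2])
    return [v[0] for v in sorted(vulns, key=key)]

if __name__ == "__main__":
    paths = shortest_paths("internet", FLOWS)
    print("path to plc_line1:", " -> ".join(paths["plc_line1"]))
    print("policy violations:", policy_violations(FLOWS, POLICY))
    print("remediation order:", prioritize(VULNS, paths))
```

In this constructed model the highest-severity finding (`VULN-A`) is not first in the remediation order, because the reachable engineering workstation sits closer to the untrusted source and is itself reached through a flow the policy does not authorize.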

Cyberattacks on critical infrastructure have made it clear that OT has become a significant weakness for utilities and organizations during a crucial period in the Industry 4.0 transition. Instead of repeating the past mistake of assuming no one will target them, businesses in OT-based sectors must accept the reality that their assets have just become a prime target for threat actors.