operational technology (OT), noted by sister publication CSO US,

colonial_pipeline_facility_in_baltimore_maryland_usa_2021_05_10_shutterstock_editorial_digital-only_11897524k_2400x1600-100888738-orig.jpg

Credit: JIM LO SCALZO / EPA-EFE / Shutterstock

The need for operational technology (OT) security is set to surge, with analyst firm Gartner predicting that by 2025 cyber attackers will have weaponised OT environments to successfully harm or kill humans. 

On the face of it, Gartner’s prediction seems somewhat unnecessarily alarmist, but there have been plenty of examples over the past few years that have demonstrated the control cyber criminals can wield over internet-connected industrial equipment, in particular critical infrastructure. 

As recently as May 7, a pipeline system carrying almost half the fuel used on the east coast of the United States was crippled by a major cyber attack. 

The five-day shutdown of the Colonial Pipeline resulted in widespread fuel shortages and panic-buying as Virginia, North Carolina and Florida declared a state of emergency. 

As noted by sister publication CSO US, a lack of visibility into the security status of its operational technology systems is likely what caused Colonial to shut down its operations. 

Not shying away from Gartner’s seemingly dramatic claim, Rob McMillan, managing vice president at the analyst firm, suggests that the OT landscape is something akin to what might be found in the fictional wasteland of the Mad Max film franchise.  

“This realm, which can have (and has had) real life or death implications, is the very definition of the Badlands,” said McMillan. “There’s no standardisation or tradition of consistent security controls in OT environments, melded with an archaic design discipline and naïve views of connected technology.” 

According to Gartner, security incidents in OT and other cyber-physical systems (CPS) have three main motivations: actual harm; commercial vandalism, such as reduced output; and reputational vandalism – making a manufacturer untrusted or unreliable. 

In what some may view as a bold claim, Gartner predicts that the financial impact of cyber-physical systems attacks resulting in fatal casualties will reach over US$50 billion by 2023.  

Even without taking the value of human life into account, the analyst firm noted, the costs for organisations in terms of compensation, litigation, insurance, regulatory fines and reputation loss will be significant.  

Gartner also predicts that most CEOs will be personally liable for such incidents. 

“In operational environments, security and risk management leaders should be more concerned about real world hazards to humans and the environment, rather than information theft,” said Wam Voster, senior research director at Gartner. “Inquiries with Gartner clients reveal that organisations in asset-intensive industries like manufacturing, resources and utilities struggle to define appropriate control frameworks.” 

Fortunately, there are a number of ways enterprises can minimise the risks, according to Gartner, and technology vendors and partners are likely to play no small role in how companies can achieve their goals in this area. 

Broadly, Gartner recommends that organisations adopt a framework of 10 security controls to improve security posture across their facilities and prevent incidents in the digital world from having an adverse effect in the physical world: 

  • Define roles and responsibilities 
  • Ensure appropriate training and awareness 
  • Implement and test incident response 
  • Backup, restore and disaster recovery 
  • Manage portable media 
  • Have an up-to-date asset inventory 
  • Establish proper network segregation 
  • Collect logs and implement real-time detection 
  • Implement a secure configuration process 
  • Adopt a formal patching process 

Unsurprisingly, demand for OT security offerings appears to be growing in the local region. Just this month, for example, OT security equipment vendor Waterfall Security Solutions said it had put boots on the ground in Singapore in a bid to launch its expansion into the broader Asia Pacific market. 

The company claimed the move reflected growing interest for its suite of unidirectional OT security products in the local market. 

“Waterfall sees Singapore as a strategically important market and as an established gateway to APAC,” said Lior Frenkel, CEO and co-founder of Waterfall Security. 

“We look forward to working much more closely with new and existing customers, partners and service providers in the region,” he added.


Japan travel news, japan travel guides, japan holiday destinations and japan reviews

LATEST NEWS

NEWS RELATED

Reliance Jio is offering Buy 1 Get 1 offer to JioPhone users: Plans, benefits and more

Reliance Jio is offering a rather different recharge benefit to its JioPhone prepaid customers. As a part of the new offer, the telecom giant is offering Buy 1 Get 1 Free offer on all JioPhone available plans. What is JioPhone Buy 1 Get 1 offerWith the JioPhone Buy 1 Get…

Read more: Reliance Jio is offering Buy 1 Get 1 offer to JioPhone users: Plans, benefits and more

AMD Radeon RX 6600 XT GPU with up to 10.6 teraflops compute power launched, priced at $379

The 6600 XT is the newest member of the Radeon RX 6000 family AMD is looking to fill the 1080p GPU gap with a new member in the Radeon RX 6000 series family. The 6600 XT is the fifth card to be released in the series and is based on…

Read more: AMD Radeon RX 6600 XT GPU with up to 10.6 teraflops compute power launched, priced at $379

Elon Musk slams Apple and sides with Epic, calls 30% store fees unfair

Elon Musk tweeted out in support for Epic Games in the ongoing Apple and Epic lawsuit where the Fortnite maker alleged that the Cupertino technology giant was using its popular App Store as an illegal monopoly and took a 30 percent cut on every sale on its digital storefront. Apple…

Read more: Elon Musk slams Apple and sides with Epic, calls 30% store fees unfair

How to use the Terminal to see what Mac processes are accessing the internet

Use Terminal to see which processes are using your Internet connection

Read more: How to use the Terminal to see what Mac processes are accessing the internet

Google will stop account sign-in for users running old Android version

Google is ending sign-in support for devices running on very old versions of Android. The tech giant is sending email to users saying sign-in will not be supported on Android version 2.3.7 and lower. In order to continue using Google apps on their phones, they must upgrade to Android version…

Read more: Google will stop account sign-in for users running old Android version

1.3%, the number that 'troubled' Airtel across all 26 telecom circles in May

It may be just coincidence or something more, but all the 26 telecom circles of Bharti Airtel showed identical fall in subscribers at 1.3 per cent in May over April this year.As per the latest data, even the overall fall nationally for Airtel stood at 1.3 per cent. For every…

Read more: 1.3%, the number that 'troubled' Airtel across all 26 telecom circles in May

WordPress Download Manager plugin patches security flaw

The remote code execution vulnerability has now been fixed A security flaw in a popular WordPress plugin called WordPress Download Manager has now been fixed. The flaw allowed hackers to run and upload malicious files on the websites that ran the plugin. According to the security researchers at Wordfence, the…

Read more: WordPress Download Manager plugin patches security flaw

Microsoft faces subpoena in Google's antitrust case in US

Microsoft, which cooperated with the US prosecutors in building a 2020 antitrust case against Google, is now facing a subpoena to produce millions more documents at the request of Googles defense team, the media reported.According to a report in The Verge on Friday, judge Amit Mehta said that “more information…

Read more: Microsoft faces subpoena in Google's antitrust case in US

11th edition of EV Expo to be held in Delhi August 6-8

Delivery startup Gopuff valued at $15 billion after latest fundraising

Reliance Jio maintains its leads in subscriber numbers in Delhi: Trai

The Tech Weekender: Google's compliance report, Nothing Ear 1 launched, Google Search update cracks down on link spam, Facebook wants to build a 'metaverse', The PlayStation 5 sells 10 million units worldwide and 16-year old's will have a private account by default when they sign up for Instagram

Is RPA prone to cyberattacks?

Elon Musk says Apple is charging a global internet tax

Mastercard submits new audit to India after ban over data handling

Microsoft to invest in OYO before its potential IPO

OTHER NEWS