We are right now at the cusp of a major change in the way we address ICS/OT Security. With the advent of Industrial IoT (IIoT), previously isolated infrastructure is now exposed to the cloud.
There has been an upsurge of cyber threats to industrial control systems, but the unique nature of those ICS/OT environments involves special methodologies to secure them. Many organizations are discovering that current IT security controls are inadequate to tackle ICS/OT security. At the same time, from a people perspective there’s a major disconnect between the OT and IT Security teams. OT teams believe they’ve a good handle on security risks, whereas IT Security teams approach OT Security with the same philosophy they apply to IT – but that doesn’t work. To catch up to the upsurge of increasing threat landscape, organizations acknowledge a need for first-hand cybersecurity skills, and are looking for better awareness and ICS/OT specific training for both Operational Technology employees and IT security professionals.
Effective cyber security for operational environments requires common understanding of best practices, awareness of emerging threats, and attention to existing vulnerabilities.