FutureCISO Security Alert: Cyber attackers are weaponizing OT to harm us

by FutureCIO Editors
July 23, 2021
Photo by Pixabay from Pexels
Gartner warns that by 2025, cyber attackers will have weaponized operational technology (OT) environments to successfully harm or kill humans.

Attacks on OT – hardware and software that monitors or controls equipment, assets, and processes – have become more common. They have also evolved from immediate process disruption such as shutting down a plant, to compromising the integrity of industrial environments with the intent to create physical harm.

Other recent events like the Colonial Pipeline ransomware attack have highlighted the need to have properly segmented networks for IT and OT.

Wam Voster, senior research director at Gartner, says that in operational environments, security and risk management leaders should be more concerned about real-world hazards to humans and the environment than about information theft.

“Inquiries with Gartner clients reveal that organizations in asset-intensive industries like manufacturing, resources and utilities struggle to define appropriate control frameworks.”

Wam Voster

Gartner says security incidents in OT and other cyber-physical systems (CPS) have three main motivations: actual harm, commercial vandalism (reduced output) and reputational vandalism (making a manufacturer untrusted or unreliable).

It predicts that the financial impact of CPS attacks resulting in fatal casualties will reach over $50 billion by 2023.

Even without taking the value of human life into account, the costs for organizations in terms of compensation, litigation, insurance, regulatory fines and reputation loss will be significant. It also predicts that most CEOs will be personally liable for such incidents.

10 Security Controls for Operational Technology

Gartner recommends that organizations adopt a framework of 10 security controls to improve security posture across their facilities and prevent incidents in the digital world from having an adverse effect in the physical world.

Source: Gartner (July 2021)

1. Define roles and responsibilities

Appoint an OT security manager for each facility, who is responsible for assigning and documenting roles and responsibilities related to security for all workers, senior managers and any third parties.

2. Ensure appropriate training and awareness

All OT staff must have the required skills for their roles. Employees at each facility must be trained to recognize security risks, the most common attack vectors and what to do in case of a security incident.

3. Implement and test incident response

Ensure each facility implements and maintains an OT-specific security incident management process that includes four phases: preparation; detection and analysis; containment, eradication and recovery; and post-incident activity.

4. Backup, restore and disaster recovery

Ensure proper backup, restore and disaster recovery procedures are in place. To limit the impact of physical events such as a fire, do not store backup media in the same location as the backed-up system.

The backup media must also be protected from unauthorized disclosure or misuse. To cope with high severity incidents, it must be possible to restore the backup on a new system or virtual machine.

5. Manage portable media

Create a policy to ensure all portable data storage media such as USB sticks and portable computers are scanned, regardless of whether a device belongs to an internal employee or external parties such as subcontractors or equipment manufacturer representatives. Only media found to be free from malicious code or software can be connected to the OT environment.

6. Have an up-to-date asset inventory

The security manager must keep a continuously updated inventory of all OT equipment and software.

7. Establish proper network segregation

OT networks must be physically and/or logically separated from any other network, both internally and externally. All network traffic between the OT network and any other part of the network must go through a secure gateway solution like a demilitarized zone (DMZ). Interactive sessions to OT must use multi-factor authentication to authenticate at the gateway.

8. Collect logs and implement real-time detection

Appropriate policies or procedures must be in place for automated logging and reviewing of potential and actual security events. These should include clear retention times for the security logs and protection against tampering or unwanted modification.

9. Implement a secure configuration process

Secure configurations must be developed, standardized, and deployed for all applicable systems like endpoints, servers, network devices and field devices. Endpoint security software like anti-malware must be installed and enabled on all components in the OT environment that support it.

10. Formal patching process

Implement a process to have patches qualified by the equipment manufacturers before deploying. Once qualified, the patches can only be deployed on appropriate systems with a pre-specified frequency.
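
The segregation rule in control 7 can be checked against network flow records. The Python below is an added example, not part of the Gartner guidance or the original article: it flags any flow that touches OT from a zone other than OT itself or the DMZ. The zone address ranges, the CSV layout and the sample flows are constructed assumptions.

```python
import csv
import io
from ipaddress import ip_address, ip_network

# Constructed zone map (assumption): replace with the site's real address plan.
ZONES = {
    "OT": [ip_network("10.30.0.0/16")],
    "DMZ": [ip_network("10.20.0.0/24")],
    "IT": [ip_network("10.10.0.0/16")],
}

# Constructed flow records in a made-up CSV layout: src,dst,dport
SAMPLE_FLOWS = """src,dst,dport
10.10.4.17,10.20.0.5,443
10.20.0.5,10.30.1.10,502
10.10.4.17,10.30.1.10,502
10.30.1.10,10.30.2.20,44818
10.30.7.8,203.0.113.50,443
10.10.9.9,10.10.1.1,53
"""

def zone_of(addr):
    """Return the zone name for an address, or EXTERNAL if it is in no zone."""
    ip = ip_address(addr)
    for name, nets in ZONES.items():
        if any(ip in net for net in nets):
            return name
    return "EXTERNAL"

def find_violations(flow_csv):
    """List flows that touch OT from any zone other than OT itself or the DMZ."""
    violations = []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        src_zone, dst_zone = zone_of(row["src"]), zone_of(row["dst"])
        if "OT" not in (src_zone, dst_zone):
            continue  # flow does not involve OT at all
        # The non-OT side of the flow (or OT again for OT-internal traffic).
        peer = dst_zone if src_zone == "OT" else src_zone
        if peer not in ("OT", "DMZ"):
            violations.append((row["src"], row["dst"], int(row["dport"]),
                               f"{src_zone}->{dst_zone}"))
    return violations

if __name__ == "__main__":
    for v in find_violations(SAMPLE_FLOWS):
        print("direct OT crossing:", v)
```

Both directions are reported: the sample contains one IT host reaching an OT device directly and one OT device connecting straight to an external address.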

Tags: cybersecurity, Gartner, operational technology, security controls