March 2, 2021
Strategic Insights: Securing and Prioritizing Operational Technology
Next Dimension curates the most practical and useful tools and strategic IT insights from the web. This week we shared articles across our social media talking about Securing and Prioritizing Operational Technology.
41% of ransomware attacks targeted Operational Technology last year. Visibility of internal traffic is crucial.
IT has always focused on “protecting the edge and protecting endpoints”. Technology can be breached whether its in place to support Information or Operations. Do you have controls? Sensors? Robots? These operational technologies are just as important to secure. These welcome additions to operations have the same access and vulnerabilities as traditional servers, routers, and wifi access points.
“If a control or sensor is manipulated through a cyber attack, the product OT helps to create is at best useless, and at worse, dangerous.”
Many OT devices are connected through legacy systems, and only run on the very infrastructure that has been deemed ‘end of life’ and extremely vulnerable. This wasn’t an issue until these devices began connecting to the rest of the network; the same network responsible for:
- Keeping your business up and running
- Keeping employee and customer data safe
- Providing an information conduit straight through your supply chain
It’s time to close the gaps between IT and OT once and for all.
Struggling to prioritize Digital Transformation goals? Use these 3 Tips:
So you’ve decided to move ahead with your Digital Strategy. You know where you want the business go, and you are prepared to make the organizational changes needed to transform. The next – and most important question – is, WHERE DO YOU START?
Enterprisers Project offers these three tips to help you prioritize not only your projects, but also your goals.
1. Start with the overarching digital transformation goal
2. Prioritize your mid-size projects
3. Find the quick wins
Once you’ve established the above three, break each down to bite-size chunks so as to not overwhelm the team, and start knocking things off the to-do list!
Four new hacking groups targeting industrial systems. How safe are you?
According to research conducted by Dragos, four new hacking groups targeting OT and industrial systems have been detected and identified over the past year. There continues to be an abundant growth of cyber criminals attacking OT environments and industrial control systems.
- Easier access. Because of vulnerabilities in legacy systems
- Conduit to other networks. Because these controls often have streamlined access to supplier and customer networks
- Less protection. Because security tools have historically been deployed to protect the information network as opposed to Operations
OT Network security requires a different approach than traditional IT security; and visibility is the number one priority for COOs looking to improve their OT security approach.
Is your industry at high risk for cyber crime?
The value of your digital assets may have played a role in your industry’s relevance in the early days of cyber crime. Industries like finance and healthcare have always had to take extra precaution to protect their data. Cyber crime has evolved, and it’s not about the market value of the data as much as it’s “how much is the data worth to you as an organization?”
Ransomware in rampant for just this reason. Criminals have become savvy in knowing exactly what amount to demand in return for (hopefully most of) your company data.
The small and mid size business market is a definite target. Criminals know these organizations don’t have the budget to invest in the same level of security as “the big guys”.
And of course, the expanded and disbanded workforce has added numerous layers of vulnerability to organizations across the spectrum. SO WHAT CAN YOU DO? Cybersecurity Dive says its simple: Determine what needs protecting and define all the ways you can protect that asset, and roll out a plan to do so.
Looking for more great resources? Visit our Learning Academy.