Source |
AlienVault Lab Blog |
Identifier |
8516191 |
Publication date |
2024-06-10 10:00:00 (seen: 2024-06-10 10:07:07) |
Title |
OT Cybersecurity: Safeguard Our Infrastructure |
Text |
What is Operational Technology?
Operational Technology (OT) is the backbone of our modern world as we know it today. Think about the daily operations of a factory, the precise control of our power grids, and even the supply of clean water to our homes. All of these modern capabilities are made possible and efficient due to OT systems. Unlike Information Technology (IT), which revolves around systems that process and store data, OT focuses on the physical machinery and processes which drive key industries including manufacturing, energy, and transportation.
Each component of an OT system serves a critical purpose in ensuring the continuity of industrial operations. OT systems are typically made up of:
Programmable Logic Controllers (PLCs): Devices that control industrial processes through execution of programmed instructions.
Human-Machine Interfaces (HMIs): Interfaces that allow human users to interact with the control system.
Sensors and Actuators: Devices that monitor the physical environment through collection of data, and then perform actions according to input from the physical environment.
The various subsets of OT system types include Industrial Control Systems (ICS), which manage factory equipment; Supervisory Control and Data Acquisition (SCADA) systems, which monitor and control industrial operations; and Distributed Control Systems (DCS), which automate processes. These systems are essential for keeping our modern infrastructure up and running.
It is imperative that measures are taken to secure the availability of our OT systems, as an interruption to these systems would be disruptive to our day-to-day lives, and potentially catastrophic. To put things into perspective, can you imagine what your day would look like if your power grid went down for a prolonged period? What if the supply of clean water to your home was disrupted? Are you ready for the chaos that will ensue? Both of these examples, as well as other OT security incidents, have the potential to cause loss of human life.
In this blog, we'll discuss the importance of securing OT systems, best practices to align with, and the challenges faced when safeguarding these indispensable systems.
The Convergence of IT and OT
Traditionally, OT environments were intended to be contained within their own highly secured network, without the ability to communicate externally. Today, the boundary between IT and OT is increasingly blurred, with modern industrial operations relying on the convergence of IT and OT to enhance efficiency, optimize performance, and reduce costs. Additionally, the rise of adding network connectivity to devices and appliances that were traditionally not connected to the internet has further accelerated this convergence. This growing dependence on network connectivity has introduced the terms “Internet of Things” (IoT) and “Industrial Internet of Things” (IIoT), and has brought numerous benefits but also significant cybersecurity concerns.
Cybersecurity of OT Systems
As opposed to IT security, which focuses on the protection and integrity of data, OT cybersecurity prioritizes the availability of OT systems, as a cyber attack on these systems is certain to disrupt business operations, cause physical damage, and endanger public safety.
Security Concerns around OT Systems
OT systems were designed with a specific purpose in mind and were not originally thought of as traditional computers as we know them, so security was not a first thought in their design. As a result, the only security that many of these systems have was bolted on as an afterthought. Also, many standard security best practices are often not carried out on this equipment due to a multitude of factors, such as the difficulty of patching OT systems and of accommodating downtime hours on critical systems that need to always be available.
As a result, OT systems are |
Tags |
Vulnerability
Patching
Industrial
Cloud