
IT & OT convergence brings new cyber risks to industrial sector

18 Jul 2019

IT and operational technology (OT) are on a journey to convergence, but that convergence must be handled with caution in order to manage the cybersecurity risks that go with it.

The risks to industrial organisations such as those in the energy sector are immense; in fact, the Australian Energy Market Operator says that protecting the sector is a matter of national importance.

Forescout Asia Pacific and Japan senior director of systems engineering Steve Hunter comments that cyber risks against IT and OT environments have been steadily growing. Now there is a push by government and industry bodies to address those risks.

The Australian Energy Sector Cyber Security Framework (AESCSF) provides a foundation for the sector to be consistently assessed and the insight to uplift cybersecurity capabilities and strengthen cyber resilience.

“This increasing pressure is putting new demands on CIOs and CISOs in the utilities sector now tasked with protecting this entire ecosystem,” comments Hunter.

“The reality is, however, that no organisation can be expected to understand that of which they don’t know, and a key part of addressing this knowledge gap is to have complete device visibility and control across IT and OT.”

He says that criminals often gain access to OT systems by compromising contract and third-party vendors.

“Devices are installed onto the network to make workers’ jobs more efficient but the IT team either isn’t alerted to their presence or can’t see them via existing asset discovery processes. Vendors come in and do their job, then leave devices behind or leave decommissioned assets connected, creating rogue devices that aren’t managed and secured. This creates potential to take the organisation down with a single attack.” 

Forescout states that utilities can protect themselves by gaining full visibility into all the devices connected to the network, understanding what’s connected at all times and managing those connected devices to prevent unauthorised access to the network. 

“When it comes to asset discovery, utilities should carefully start with the system critical services and work in priority order to identify: what assets support the process; what hardware and software run on the assets; what network topology supports them; and what endpoints, devices, and non-network connected devices really constitute the asset in its entirety,” says Hunter.

“Utilities should put in place a framework of controls from asset discovery, hardware, and software asset management, configuration management, and vulnerability management, to building a blueprint for efficient and measurable risk reduction.” 
