OT, 4IR and cybercrime

Issue 2/3 2023 Integrated Solutions, Infrastructure, Mining (Industry), IoT & Automation


Hennie Colyn.

The convergence of OT (operational technology) and IT in industrial environments offers numerous and tangible benefits. When 4IR technologies are added to the mix, the sky becomes the proverbial limit.

However, the above proliferation has also opened operational systems to cyberattacks, traditionally reserved for IT. Unfortunately, numerous organisations still have a lot of work to do to ensure they do not become the next name in a long list of cybercrime victims.

A recent Claroty global survey[1] confirms the above. The report surveyed 1100 IT and OT security professionals and revealed that 80% of the respondents had fallen victim to ransomware attacks targeting critical infrastructure.

The reality is that unless data centre managers’ start reducing risks to OT systems, the abovementioned statistics will become the tip of the iceberg. In fact, TechMonitor[2] estimates that global cost of cybercrime will reach $10.5 trillion by 2025.

The target on OT’s back

OT infrastructure forms an integral part of data centre environments, delivering important functionality to critical services and industries such as energy and utilities, water and wastewater (WWW) plants, and transportation.

Datacentres exist at the interaction of IT and OT, which can expose it to additional cybersecurity threats. This interplay between IT and OT becomes even more personal with the adoption of 4IR, driven by digitalisation.

The increased exposure of OT environments to cyber dangers is an unfortunate side effect of digitalisation. The addition of digital applications and IoT connections to capture and analyse data from OT equipment has widened the cyberattack surface. Furthermore, industrial operations continue to rely on legacy equipment that was not designed with protection against cyber dangers.

These issues create vulnerabilities that threat actors are very happy to explore. Sponsored hacker groups are of particular concern as they may choose high profile, critical infrastructure targets.

Hardening infrastructure

Fortunately, there are numerous ways of safeguarding OT systems, and the data centres they resides in, against cyberattacks. However, it requires investment and commitment across the entire organisational structure.

For one, OT cyber defences require a multi-layered, integrated approach that considers the environment’s vulnerabilities and addresses internal and external threats. It is important to update processes and security as technology evolves.

Global standards can also provide valuable guidance in best operational practices. The IEC 62443-2-4 standard specifies security capability requirements for integration, operational, and maintenance for deployed devices, systems, and network components. It provides a comprehensive set of cybersecurity standards for industrial automation and control systems that can be applied to the data centres’ critical infrastructure.

Organisations grappling with how best to secure their OT environments can also partner with technology and service providers that offer decades of experience and sophisticated cybersecurity solutions, to address vulnerabilities, while improving efficiencies.

For example, Schneider Electric’s Cybersecurity Application Platform (CAP) provides an integrated cybersecurity solution, enabling operations teams to have real-time visibility of their cybersecurity environment while reducing the complexity of OT environments.

Resources

[1] www.securitysa.com/*se5

[2] www.securitysa.com/*se6


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

From the Editor's desk: The good, the bad, and the victims
Technews Publishing News & Events
When the Internet first arrived, everyone was expecting amazing things from it, well, everyone who knew what it was and how it worked. We had the dotcom boom and bust, and it’s fair to say that if we ...

Read more...
Data resilience at VeeamON
Technews Publishing SMART Security Solutions Infrastructure Information Security
SMART Security Solutions attended the VeeamON Tour in Johannesburg in August to learn more about data resilience and Veeam’s initiatives to enhance data protection, both on-site and in the cloud.

Read more...
Identity, Security & Access Alliance focuses on intelligence and integration
SMART Security Solutions Ideco Biometrics BoomGate Systems Bosch Building Technologies Technews Publishing Integrated Solutions Surveillance Access Control & Identity Management
The Identity, Security & Access Alliance (ISAA) hosted several launch events in Johannesburg in August, showcasing the participating companies’ technical solutions with a primary focus on the solutions made possible by integrating high-quality systems to deliver comprehensive solutions.

Read more...
Make BIG and COMPLEX small and manageable
neaMetrics Suprema AI & Data Analytics Surveillance Integrated Solutions
Traditional CCTV and access systems often operate separately, creating gaps in visibility and efficiency. TRASSIR and Suprema have partnered to develop an integrated platform that improves security, operations, and situational awareness.

Read more...
Get the AI fundamentals right
Technews Publishing SMART Security Solutions Leaderware Editor's Choice Surveillance AI & Data Analytics
Much of the marketing for CCTV AI detection implies the client can just drop the AI into their existing systems and operations, and they will be detecting all criminals and be far more efficient when doing it.

Read more...
SMART Surveillance Conference in Johannesburg
Arteco Global Africa Technews Publishing SMART Security Solutions Axis Communications SA neaMetrics Editor's Choice Surveillance Security Services & Risk Management Logistics (Industry) AI & Data Analytics
SMART Security Solutions hosted its annual SMART Surveillance Conference in Johannesburg in July, welcoming several guests, sponsors, and speakers for an informative and enjoyable day examining the evolution of the surveillance market.

Read more...
Troye exposes the Entra ID backup blind spot
Information Security Infrastructure
If you trust Microsoft to protect your identity, think again. Many organisations naively believe that Microsoft’s shared responsibility model covers Microsoft Entra?ID – formerly Azure AD – but it does not.

Read more...
Layered security for complex spaces
Regal Security Distributors SA Integrated Solutions Industrial (Industry) Commercial (Industry)
The positive impact of loss prevention and risk management on the bottom line is far more than just a number; it means that assets are physically secure, insurance premiums remain low, and people are protected.

Read more...
Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...
Combining TETRA or DMR with 5G broadband
Infrastructure IoT & Automation
As enterprises face rising complexity and connectivity demands, hybrid networks offer a transformative path, combining the proven reliability of TETRA or DMR with the innovation and coverage of 5G broadband.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.