It appears COVID-19 will dramatically impact the economy – and our work life – at least until a vaccine is discovered. In this crisis mode, operators have needed to reduce onsite personnel, putting greater strain on the limited resources at the plant and requiring an increase in external connectivity for those working remotely.
At the same time, cases of ransomware and vulnerabilities associated with industrial control systems are growing rapidly. Both the National Security Agency and Cybersecurity and Infrastructure Security Agency recently released alerts on the significant increase in cyberattacks on critical infrastructure. The air-gap (if it ever truly existed) is now gone.
The challenges of industrial control systems (ICS) and operations technology (OT) cybersecurity are well-known: sensitive devices, limited resources, risk to operations, and the oft-repeated question of "Why bother, if we aren't connected to the Internet?" to name a few. But the crisis opens the door to new possibilities. No longer is the air-gap argument realistic. OT and ICS endpoints are clearly at risk, yet asset visibility and security are also now feasible. How do you avoid wasting the opportunity that comes from this crisis?
Below is a four-step guide that security leaders can follow to significantly change the direction of OT security so that as we emerge from the pandemic, entire systems will be more secure and efficient processes will be created to keep them that way.
Step 1: Don't Settle It's tempting to settle for near-term fixes to immediate problems during a crisis. As COVID-19 requires more operations personnel to work remotely, that "near-term fix" is secure remote ..
Support the originator by clicking the read the rest link below.
