CNI Cyber Concern. The Increase of Cyber Attacks on OT

The risk of cyber attacks presents a burgeoning threat to our critical national infrastructure (CNI). This is the infrastructure that underpins our society and our economy.

As such, recent research has found that 86% of CNI organisations in the UK reported having experienced cyber incidents in the past year. 93% of those admitted that at least one of those incidents was a successful attack. In the same period (last year) the average cost to resolving such an attack rose to £3.46million. 

We are seeing that cyber criminals are increasingly targeting operational technology (OT) environments for maximum impact therefore causing paralysing system shutdowns and disruptions.

But why is OT becoming a major target for cyber criminals?

OT systems previously operated in isolation, with tight physical security, separate protocols, standards, and governance models. Recent advances in digital transformation revolutionised CNI especially with the adoption of automation and remote networking, as supported by information technology (IT), to bring greater efficiency, transparency and insights. However, these new digital capabilities have come at a cost, with new vulnerabilities in OT systems increasing by 46% in 2021. 

Understanding OT cyber vulnerability

Internet connected devices and technologies integrated into OT systems can be exploited by threat actors to gain unauthorised access or to execute malicious commands. There are a number of reasons for this:

1. Such connected devices often have minimal operational processing power which limits the capacity to support firmware updates or the integration of a protective agent.
2. The now larger attack surface of these systems increases the set of vulnerabilities attractive to attackers.
3. OT components and devices are typically designed to be deployed as closed networks with planned lifespans of 15 – 20 years. These legacy systems are slow in adapting to technological changes and often lack modern security features such as a firewall and authentication mechanisms.

Secure your OT environment now

As the cyber threat landscape is constantly evolving, it is ever more important for CNI organisations to prevent and detect threats, whilst ensuring their ability to quickly respond to and recover from attacks.

Working with large global clients across many industries, we have developed a comprehensive approach to help organisations manage cybersecurity risks.

Here, we’d like to share five steps that you can take to secure your OT environment.

5 steps to secure your OT environment

1. Manage and monitor your OT assets

Visibility is critical for a robust cybersecurity programme – you can’t protect what you can’t see. While OT systems vary in complexity, organisations can use automatic discovery tools to keep an accurate and up-to-date asset inventory. This helps ensure comprehensive, continuous monitoring of your assets for events of interest, allowing you to highlight vulnerabilities in real time.

2. Assess your cyber maturity

A maturity assessment provides important insights into your current security state and helps prioritise departmental and organisational action plans for improvement and remediation. Of especial importance within the CNI is the ability for organisations to understand their level of maturity. This is also key to maintaining compliance with increasing regulatory requirements.

3. Segment your network

As OT networks become increasingly connected, potential attack surfaces expand accordingly. Therefore, it is vital to secure all entry points. An effective way to protect your organisation from breaches is through network segmentation. By dividing your network into individual segments, organisations can control, monitor and protect each subnet, thus help preventing free movement of hackers within your environment.

4. Create a governance framework

An effective cybersecurity governance programme requires leadership support from the outset to ensure that the framework is aligned with your organisation’s strategic objectives and is widely adopted. Setting the right tone at the top also helps establish team roles and responsibilities to address risks arising from the convergence of OT and IT.

5. Invest in your people

Upskilling and reskilling your people is the best way to defend against cyber threats. Leaders need to nurture a strong security culture in their organisations that is underpinned by regular training and awareness campaigns, relevant to their teams, to bridge the knowledge gap.

We have been supporting organisations to mitigate evolving cyber risks in response to increasing digital transformation activities. If you would like to learn more about how we can help, do feel free to get in touch.