HWG srl
  • Services
    • Cyber defense
      • Security Awareness
      • File Integrity Monitoring
      • Network Security
      • Browser Isolation
      • Email Security
      • Endpoint Security
    • Machine intelligence
      • SIEM
      • EDR
      • SOAR
      • Anomaly Behavior Analysis
      • Cyber Threat Intelligence
      • Deception
      • Threat Data Feeds
      • Vulnerability Management
      • ICS Security
    • Human expertise
      • Security Assessment
      • Incident Response
      • Security Monitoring
      • Threat Hunting
  • About us
  • Blog
  • Resource Center
  • Contacts
  • Careers
  • en
    • it
HWG Incident Response
HWG srl
  • Services
    • Cyber defense
      • Security Awareness
      • File Integrity Monitoring
      • Network Security
      • Browser Isolation
      • Email Security
      • Endpoint Security
    • Machine intelligence
      • SIEM
      • EDR
      • SOAR
      • Anomaly Behavior Analysis
      • Cyber Threat Intelligence
      • Deception
      • Threat Data Feeds
      • Vulnerability Management
      • ICS Security
    • Human expertise
      • Security Assessment
      • Incident Response
      • Security Monitoring
      • Threat Hunting
  • About us
  • Blog
  • Resource Center
  • Contacts
  • Careers
  • en
    • it
HWG srl
HWG Incident Response
  • Services
  • About us
  • Blog
  • Resource Center
  • Contacts
  • en
    • it

Cyber security in OT environment: limits and challenges in the "post Covid" era

Published by HWG on 2 February 2022

Can a health emergency impact cyber security management in an OT environment? The answer is yes. The Covid-19 pandemic that we are experiencing globally, in fact, has changed many of our habits and introduced new needs and requirements both in the private and public sphere. Adaptation to the rules of hygiene and sanitation has, in fact, led to the introduction of new control tools and the modification of procedures to manage production lines and the provision of services. With consequences under the profile of security.

More controls, more data to protect

One of the factors that has the greatest impact on cyber security in the OT environment is the amount of information stored in the systems, the accumulation of which automatically leads to a greater impact in the event of a data breach. In the OT environment, as cyber security experts point out, the health emergency has caused a marked increase in the amount of data processed. Just think of local transportation access control systems, which use video surveillance systems to estimate facility attendance and manage passenger flow. All processed video represents data that contains potentially sensitive information and therefore requires special protection. Those who have implemented these tools must therefore manage a type of information that normally followed a different and separate path from the OT domain, such as surveillance. The mixture of the two areas (the operational one and the one related to the physical security of the environments subjected to video surveillance) modifies the architecture of the infrastructure and requires an adjustment of the protection systems.

The importance of access management

Other factors affecting cyber security in OT environment is related to remote working and, more generally, travel restrictions. Even if the tools for the remote administration of IT infrastructures and the management of production lines are widely diffused, the prescriptions that foresee limitations to travel (or, trivially, the fiduciary isolation for employees who have had contact with Covid-19 positive subjects) have caused an exponential increase of remote accesses. A way to work, in the OT environment, is significantly less prevalent than in other industries. The need for physical presence for certain interventions, in fact, has always been considered an element of security, often identified with the concept of "air gap", i.e. the impossibility to access tools remotely. IIn other words, the fact that a physical connection via cable was required to change the settings of the ICS (Industrial Controller System) allowed security to be guaranteed by simply banning the area in which the devices were present. Instead, n the new scenario, the provision of tools for remote intervention has become a necessity and access management, consequently, a security priority.

Cyber security in the OT environment in the near future

Many of the factors identified are of a contingent nature and may lose their incisiveness at the end of the health emergency linked to Covid. Experts, however, emphasize that procedures and policies in the field of cyber security must be inspired by long-term logic. In other words, all companies and organizations will have to adapt in anticipation of the "worst case", i.e. the hypothesis that pandemics such as the one we are going through could cyclically repeat. A hypothesis, although not desirable, which it is necessary to be able to cope with by having adequate tools and clear rules. This diktat is particularly stringent for all those productive realities with "critical" characteristics (such as those operating in the energy sector) or those active in the field of essential services. In short: if the mixture of IT and OT environment has already turned the spotlight on the need to adequately protect digital systems for the management of production activities, the Covid emergency has added new elements of complexity that all companies and organizations must face as soon as possible.

Tags: Industry 4.0, IoT
Back to Blog

Subscribe to our blog!

Popular post

  • 11 Apr 2022
    HWG appoints Cyber-Industry veterans to its board ...
  • 01 Mar 2022
    Investcorp acquires Italy’s leading cybersecurity ...
  • 16 Feb 2022
    OT Security: how to reconcile business continuity ...
  • 17 Mar 2022
    Security Operation Center (SOC), is it really esse...
  • 09 Feb 2022
    SOC as a service: how to choose the best one

Topics

  • CEO Fraud (1)
  • Compromise assessment (1)
  • cyber resilience (1)
  • cyber risk (1)
  • Dark Web (1)
  • Incident Response (3)
  • Industry 4.0 (3)
  • IoT (2)
  • operational technology (1)
  • security assessment (1)
  • security operation center (1)
  • SOC (3)
  • Spear Phishing (2)
  • Vulnerability Management (1)
  • Zero Trust (1)

Related Articles

Incident response: how to react and prepare for legal action

Incident response is the serie of procedures used to deal with a cyber attack. Indeed, responding...
Read More

CEO Fraud: what is it and how to defend yourself

In the last three years, according to the FBI, CEO Fraud attacks have caused companies $26 billion...
Read More

Security Operation Center (SOC), is it really essential?

Increasingly frequent and sophisticated threats to the IT security system of enterprises have...
Read More
HWG
  • ISO certified company
  • ISO
  • clusit
  • Services
  • About us
  • Blog
  • Resource Center
  • Contacts
HWG Incident Response
2021 © HWG Srl

HWG Srl | Via Enrico Fermi, 15/E - 37135 Verona | P.IVA 03820790230

  • 231/2001 Model
  • Privacy Policy