How to Mitigate Risk Against Operational Technology (OT)

Operational Technology, or OT, refers to the hardware and software technologies that monitor and control a wide variety of physical operations, including, but not limited to, processes, devices, and even infrastructure such as public rail transport. As OT becomes increasingly digitized, most of these technologies will be connected to corporate networks and the Internet to improve productivity and streamline operations. But this connectivity brings more risk (digital attacks, malware, social engineering techniques), because technology that was once isolated can now be attacked by external threat actors and hackers.

This continuous technological advancement has caused OT to lose its isolation from risks posed by the Internet. In 2019, IBM reported a staggering 2000% increase in cybersecurity incidents against OT, up another 30% year over year. In addition, a 2020 study reported that 43% of security companies have downgraded their incident reporting, which often results in fewer new vulnerabilities being identified and addressed. In recent years, cyber criminals have increasingly demonstrated their willingness to inflict damage on a large population by shutting down critical infrastructure. In the worst case, this can lead to loss of life. In addition, an attack exposes companies affected by a disruption to reputational damage and major financial losses.


However, the challenges associated with bringing operational technology security up to date are far-reaching. Technologies that use OT are constantly connected to the Internet and cannot be disconnected to install or apply updates, because stopping operations would mean millions of dollars in losses. In addition, OT often runs on outdated operating systems; is not scanned often enough, creating blind spots that can hide new threats for long periods of time; and is very difficult to patch. While the challenges of securing operational technology are significant, it is short-sighted, costly, and dangerous for the company and its customers not to make security a priority.

While many critical infrastructure organizations continue to operate, hoping they won’t be the next headline, regulators do not have adequate regulations established to ensure organizations keep their OT security up to date and effective against continuously evolving cyber threats. Updating and enforcing OT cybersecurity regulations is critical to keeping the company and its customers, users, employees, and the public safe, and to ensuring that risks do not affect their ability to provide critical services. An example of this type of attack, while not directly affecting the operational technology itself, was the recent incident in the United States against the Colonial Pipeline. In that incident, the pipeline’s operations were seized after a group of cyber criminals hacked into its software and shut it down, causing panic among millions of American citizens. This is a scary thought considering that this particular pipeline is responsible for providing nearly half of the fuel supply to the east coast of the country. Many citizens panicked and bought gasoline, fearing that the price would rise after the attack.

Some examples of past attacks on the OT infrastructure are:

  • A 2013 hack carried out by Iranian cyber criminals into the lock gates of Bowman Avenue Dam in New York (The New York Times).
  • In 2014, hackers used social engineering techniques to gain access to a German steelworks and forced the shutdown of a large furnace, which caused massive damage (BBC).


With these points in mind, companies should set priorities and invest in maturing their security processes and operational resilience programs. Sophisticated risk and safety programs take a risk-based approach, in which they assess all potential threats to the business and then determine which threats are likely to occur and have the potential to be the most harmful. Incorporating a risk-based approach into your programs allows risk and security teams to prioritize their efforts and focus on the risk mitigation and management strategies that have the greatest impact on the business.

Businesses can leverage the power of technology from organizations like ServiceNow to automate tasks so risk and security teams can focus on valuable work. Reporting and dashboard capabilities provide context on the impact of threats and ensure that risk and security teams can make informed decisions about protecting customers and businesses.

If your organization wants to make sure it is safe, talk to Iceberg today about how to expand your security processes and operational resilience programs.

Related Discussion: A Risk-Based Approach to Bridging the Security Gap in the Energy Sector (30 minutes)

*** This is a syndicated blog from the Security Bloggers Network from Risk Intelligence Academy – Iceberg Networks written by Meaghan O’brien. Read the original article at: