Strengthening industrial cybersecurity

Last year, major cybersecurity incidents struck industrial organizations in various sectors — from a compromise of a water treatment facility with the intent to poison its community to a ransomware attack against a pipeline operator that disrupted gas supplies to the southeastern U.S. The incidents underscored the potentially devastating outcomes a security breach of critical infrastructure could have on communities and a country’s economy. And the threats keep growing, according to a new report.

These high-profile attacks elevated a discussion that the industrial control systems (ICS)/operational technology (OT) community has been having for years about cyber readiness — and brought them to the proverbial kitchen table. The discussion has landed on the office desks of policymakers and regulators, too.

Dragos produced an executive summary of their annual ICS/OT Cybersecurity Year in Review, providing a high-level overview of data-driven insights and lessons learned from within the industrial community. The paper also gives industrial facility owners and operators an outline for actionable information and recommendations to help them more fully understand cyber risks to their ICS/OT environments and strengthen their cyber readiness which includes how to:

• Build a more defensible architecture
• Bolster OT monitoring capabilities
• Strengthen remote access authentication
• Better prioritize OT vulnerability management
• Continually improve the ICS/OT incident response plan

Learn more about how industrial organizations can progress in their cybersecurity readiness and where they need to continue their work to provide safe and reliable operations into 2022 and beyond.

This article was produced by Scoop News Group for CyberScoop for, and sponsored by, Dragos.