As hyperconnectivity sweeps across industries , OT cybersecurity has risen to the top of the CISO ’ s priority list . But this complex environment requires a different approach than enterprise IT . Robert M . Lee , the CEO of Dragos , tells Intelligent Tech Channels ’ Jess Abell about the various types of attacks and threat groups , the importance of threat intelligence and why the Middle East is an important region for the company .

Jess Abell

Why is there more attention on Operational Technology ( OT ) and ICS cybersecurity now than in times past ?

For a long time , organisations have fully appreciated the need to protect critical infrastructure , and it ’ s been a message carried by governments too . However , historically , companies have prioritised enterprise information technology environments . Though that was probably the right call for a long time , the reality is that OT environments are so important as the revenue-generating side of the house and the one that impacts the environment and safety , etc .

That side of the house has only ever been firewalled off but , as companies worldwide go through Digital Transformation or hyperconnectivity , we ’ re starting to see those OT environments being connected in a significant way and , therefore , an increase in the threats that are actively targeting them .

Organisations have realised that we have underappreciated the risk on the business side that is important for society , so we ’ re seeing a pendulum swing now where they are starting to invest back in OT security .

How much of a risk do ICS adversaries pose to organisations , particularly in the Middle East region ?

The risk is high , but we all need to appreciate that the frequency will be higher in enterprise IT – we ’ re going to see more phishing emails and exploitation of IT environments than we ’ re going to see in terms of exploitation and accessing of operations environments .

However , the impact of a phishing email or the effect of compromising data in the enterprise , while meaningful , is nowhere near the same as the impact when you take down safety systems or critical systems or the ability to impact national security .

Tell us more about the different types of attacks , threat groups and what they ’ re seeking to achieve ?

We see a wide variety of groups . Some have already crossed the divide and taken down infrastructure or tried to hurt people , such as the attacks in the Kingdom of

Saudi Arabia ( KSA ), which went after the safety systems in a petrochemical plant . There are three or four groups that have

Robert M . Lee , CEO , Dragos gotten to that level , though they were working on those capabilities for four or five years beforehand .

38