Intelligent Tech Channels Issue 47 - Page 39

We see another 12 or so groups behind , exploring and attempting to access operations environments . They ’ re trying to research industrial control systems and perform reconnaissance against companies . These groups are getting into operations environments but not yet capable of carrying out the types of attacks we worry about . But if we look at that trend , we need to be cognisant that OT security is more than a project for a quarter .
Usually , you ’ re talking about a multi-year journey . We ’ re kind of in this storm path , where we ’ re trying to advise people not to overhype the problem , but realise the trend is getting to a place that we need to get ahead of it if we hope to keep our people safe three to four years from now .
As companies worldwide go through Digital Transformation or hyperconnectivity , we ’ re starting to see those OT environments being connected in a significant way and , therefore , an increase in the threats that are actively targeting them .
How can organisations best achieve the required level of asset visibility ?
It ’ s a cliché , but it ’ s true – it ’ s impossible to protect what you don ’ t know you have . Time and time again , when our incident response team gets called into cases ranging from targeted threat groups to ransomware cases , it ’ s consistent that there ’ s been a level of what we call ‘ prevention atrophy ’ in those environments .
In other words , there have been many good investments in preventative controls , firewalls , patching , passwords , robust access control , etc ., but they put all the focus into prevention to the detriment of visibility , detection , and response . Without that consistency of visibility , they end up missing things . We find that entities largely get that visibility by doing three things : 1 . Developing a good culture between the operations and the enterprise side . We need to educate people , but we also need to do it correctly .
2 . Start deploying technologies inside those environments to get consistent visibility .