Operational Technology and Cyber Security must walk hand in hand

by Danilo Maruccia
Principal Consultant & Business Partner @PQE Group

During the past two decades, we have seen an incredible evolution of technical solutions. The way companies used to operate only 20 years ago today is totally obsolete.
Nowadays many objects we use in our daily life are connected and are able to continuously exchange different kinds of information (health, economic, private life, etc.).
In this context of growth and development, the concept of security assumes a central role for all companies that become potential victims of cyberattacks of different nature against their IT & OT environments.

Cyber-attacks can bring to a halt the whole production department of a company, even for longer long periods if threats are not faced opportunely, causing huge capital losses for missing production and cost for recovering the systems from damage.
Security has become the watchdog of the OT production department, where a control process constitutes an important challenge for companies that need to maintain the delicate balance between efficiency and effectiveness.

Efficient and effective productions to ensure market competitiveness.

The global market, the social image and the fast response are some of the new factors that entered making their way into companies’ commercial strategy. The need to improve productivity with simplified processes and the introduction of increased automation into production departments are the right recipe. These are key points nowadays. Combining all these factors together like an equation, the useful result for the company is to have complete visibility of both internal and external corporate security.

Internal security is meant to mitigate the risks of mismanagement and business operations as much as possible. On the other hand, external security is aimed at protecting the company from unwanted attacks.

References

The main reference documents that can support you in creating your security framework are:

  • ISA 99 / IEC 62443, Industrial Automation and Control Systems Security
  • NIST SP-800-53, Security and Privacy Controls for Information Systems and Organizations
  • NIST SP 800-207, Zero Trust Architecture
  • MITRE ATT&CK framework for ICS

Want to know more?

How cyberthreats may affect your Operation Technology? What Practices to perform to put OT at safe?

Join our Live Webinar on september 30th for in-depth analysis by our experts, and claim your FREE Quick Assessment, available for all attendees.

 

PQE Group staff comprises experienced and skilled experts in multidisciplinary teams, available to support your company achieving the highest levels of safety for your systems.

Visit our Digital Governance services page to know more or to contact us, and find the most suitable solution for your company.

Related Articles