Business leaders who have security as part of their overall business strategy discussion are better positioned to balance the technologies, processes and resources needed to anticipate constantly evolving cyber risks.
The term ‘operational technology’ (OT) refers to the hardware and software used to control industrial processes and infrastructure, particularly in industries such as energy, mining, utilities, manufacturing and transport. A cyber-attack on an OT environment can have serious and wide ranging consequences beyond just financial losses – including prolonged outages of critical services, environmental damage and even the loss of human life. There are highly skilled and motivated adversaries actively seeking to exploit the security weaknesses in OT networks, process control systems and critical infrastructure. Their motivations range from economic benefit and espionage through to malicious disruption and destruction.
While many operators in these sectors have recognised the need to increase focus and spending on the security of their corporate IT systems, this has not been matched for OT systems, leading to critical vulnerabilities.
In this publication, we identify the 10 most common security flaws in OT networks based on our teams’ experience conducting cyber security assessments and penetration tests across the globe.