Intelligent Tech Channels Issue 47 - Page 38

Building a robust OT security programme

As hyperconnectivity sweeps across industries , OT cybersecurity has risen to the top of the CISO ’ s priority list . But this complex environment requires a different approach than enterprise IT . Robert M . Lee , the CEO of Dragos , tells Intelligent Tech Channels ’ Jess Abell about the various types of attacks and threat groups , the importance of threat intelligence and why the Middle East is an important region for the company .
Jess Abell
Why is there more attention on Operational Technology ( OT ) and ICS cybersecurity now than in times past ?
For a long time , organisations have fully appreciated the need to protect critical infrastructure , and it ’ s been a message carried by governments too . However , historically , companies have prioritised enterprise information technology environments . Though that was probably the right call for a long time , the reality is that OT environments are so important as the revenue-generating side of the house and the one that impacts the environment and safety , etc .
That side of the house has only ever been firewalled off but , as companies worldwide go through Digital Transformation or hyperconnectivity , we ’ re starting to see those OT environments being connected in a significant way and , therefore , an increase in the threats that are actively targeting them .
Organisations have realised that we have underappreciated the risk on the business side that is important for society , so we ’ re seeing a pendulum swing now where they are starting to invest back in OT security .
How much of a risk do ICS adversaries pose to organisations , particularly in the Middle East region ?
The risk is high , but we all need to appreciate that the frequency will be higher in enterprise IT – we ’ re going to see more phishing emails and exploitation of IT environments than we ’ re going to see in terms of exploitation and accessing of operations environments .
However , the impact of a phishing email or the effect of compromising data in the enterprise , while meaningful , is nowhere near the same as the impact when you take down safety systems or critical systems or the ability to impact national security .
Tell us more about the different types of attacks , threat groups and what they ’ re seeking to achieve ?
We see a wide variety of groups . Some have already crossed the divide and taken down infrastructure or tried to hurt people , such as the attacks in the Kingdom of
Saudi Arabia ( KSA ), which went after the safety systems in a petrochemical plant . There are three or four groups that have
Robert M . Lee , CEO , Dragos gotten to that level , though they were working on those capabilities for four or five years beforehand .
38