Building resilience in operational technology

The COVID-19 pandemic has led to increased cyberattacks on operational technology systems. These attacks can significantly impact industrial operations, which is why organizations must quickly find solutions to prevent them.

It is widely recognized that cybersecurity is now a top priority for organizations across all sectors, especially those in manufacturing. According to McKinsey, around 90 percent of manufacturing organizations experienced production or energy supply disruptions due to cyberattacks in 2021.

Improving cybersecurity for operational technology (OT) is a complex task, as it presents barriers in multiple areas such as technical (e.g., legacy and remote solutions), operational (e.g., determining ownership of IT and OT teams in the process), and investment (e.g., shortage of trained personnel). However, as the world becomes more digital, industrial organizations are making progress in securing OT environments by following three key principles:

Strengthening technological foundations. Using modern technology, organizations securing OT environments with proper access controls and standardized security measures.

Assigning clear responsibilities. Clarifying the responsibilities of OT and IT teams' responsibilities and external partners' responsibilities enables prompt response to cyber incidents.

Increasing risk-aware capabilities and mindsets. Organizations can proactively involve all stakeholders in building risk-aware capabilities and mindsets by offering proper incentives.

How cyberattacks threaten operational technology environments

Cyberattacks on OT systems have more severe consequences than IT attacks, as they can lead to physical damages like shutdowns, outages, leakages, and explosions. In 2021, there was a 140% increase in publicly reported OT cyberattacks compared to 2020, and approximately 35% of those attacks had physical consequences. The estimated damages for each incident were $140 million.

The geopolitical risks in 2022 resulted in an 87% increase in ransomware incidents, with 72% occurring in Europe and North America. Cyber attackers often use ransomware and less-secured third-party connections to target OT devices, which can halt production and operations. Industrial organizations face technical and operational challenges when protecting against such attacks.

How to secure operational technology environments

Industrial organizations recognize the urgent need to invest in OT cybersecurity, as cyberattacks on operational technology systems can have devastating physical consequences. However, many organizations face challenges in implementing OT cybersecurity measures, with 70 percent of those who have invested facing implementation hurdles. Organizations must assess their OT assets and operations through a dual approach combining top-down operational assessments with bottom-up asset analyses to improve. This allows for the identification of critical risks and the development of actionable recommendations to prevent attacks.

Organizations must focus on three principles to enhance OT cybersecurity:

Strengthening technological foundations

Ensuring value-driven OT operations

Increasing cyber-aware capabilities and mindsets

This requires a combination of the organization's technologies, processes, and capabilities. Key factors for success include secure-by-design, implementation, and configuration for OT environments, standardized security procedures to align IT, OT, and external partners, and proper incentives to ensure all stakeholders are aware of and able to reduce cyber threats proactively.