What is OT Security?

OT describes environments comprising of Industrial Control Systems (ICS). These include Industrial Automated Control Systems (IACS), Supervisory Control and Data Acquisition (SCADA) and Process Control Networks (PCN). Cyber risks pertaining to these environments pose a great threat to all of us. The ramifications of cyber-attacks in these domains could lead to calamitous and catastrophic outcomes.

Why is OT Security important for your organisation?

OT has a high inherent risk as compared to IT systems due to weak access control across physical & logical regions, high functionality-dependent design principles, and complexity of personnel involved in various project stages. Various vulnerabilities have been exploited by hackers worldwide, resulting in loss of public reputation, equipment damage, leakage of sensitive data and information, and even the lives of citizens. Typical contributing factors of vulnerabilities are:

Insufficient Cyber Security Awareness: In the cyber attack to Ukraine power grid in June 2017, the operators noticed their mouse cursors moved of their own accord, as the hackers remotely opened the circuit breaker via SCADA system and managed to disrupt the power supply to end users.

Low Regulatory Framework: In the cyber-attack to SingHealth in June 2018, there was no evidence that the Healthcare IT Security Incident Response Framework (SIRF) had been circulated or otherwise communicated widely to staff.