cyber trends
ONGOING DIGITALISATION
HAS INTRODUCED NEW RISKS
TO HISTORICALLY ‘SECURE’
INDUSTRIAL NETWORKS. THIS
CONVERGENCE OF IT AND OT
REQUIRES A FRESH APPROACH TO
CYBERSECURITY. MARCUS JOSEFSSON,
DIRECTOR – MEA AND RUSSIA AT NOZOMI
NETWORKS, TELLS US ABOUT THE KEY
THREATS, HOW NOZOMI IS HELPING TO
MITIGATE AGAINST THEM AND HOW
CISOS CAN BUILD A SUCCESSFUL
OT SECURITY STRATEGY.
W
Securing OT
networks
What kind of challenges have
been created by the convergence
of IT and OT?
Prior to this convergence and digitisation,
OT had an air gap – it wasn’t connected
to anything. That’s not there anymore so
that is a big challenge. All of a sudden we
are now seeing networks that were never
connected, being connected.
The second challenge is that a lot of
devices that were previously 100%
proprietary are now becoming more
mobile IoT devices.
And of course, this opens you up to
exactly the same challenges that you’re
having in IT but the stakes are higher.
Here it’s critical national infrastructure
(CNI) or airports or waterworks or the
electricity grid. So if something goes
wrong, the stakes are higher. In IT,
someone doesn’t get an email, which is
18
All of a sudden we
are now seeing
networks that were
never connected,
being connected.
not great, but if electricity stops flowing
then we have bigger problems.
How targeted is CNI and why –
what is the motive of attackers?
There are two different threat scenarios.
One is the typical threats like
ransomware and attacks from organised
crime groups motivated by money or
doing it for fun. That is very similar to
IT. But then we also have nation state
attacks. Being able to attack OT is just
another weapon in their arsenal.
They’re constantly trying to get into
the network, they’re scanning, they’re
building reconnaissance, etc.
How are organisations in the
region responding?
They’re responding faster. If you take
a country like the Kingdom of Saudi
Arabia (KSA) or the UAE or other
countries in the Gulf which have a big
oil production for instance, it’s such a
big part of the economy.
If something happened to these
infrastructures, that would have such
economic disruptive effects.
Issue 21
|
www.intelligentciso.com