Insight

Moving security to the left

Protecting OT takes both strategy and technology

Brad Raiford

Brad Raiford

Director Advisory, Cyber Security Services, KPMG US

+1 832-527-5624

With high-profile cyber attacks disrupting critical infrastructures and the global supply chain repeatedly over the past year, the destructive potential of these threats calls for a renewed focus on building a robust cyber defense.

Among the most concerning of these attacks are ransomware threats that affect operational technology (OT), where the devices that drive physical processes in industrial environments, from gas lines to food processing plants, are forced to shut down. The increased prevalence of these threats is in large part due to the convergence of information technology (IT) and OT in what is known as “IT-OT convergence.”

These sensitive OT environments can be directly compromised by ransomware, such as with the EKANS ransomware that targeted 64 industrial control system (ICS) processes in its “kill list.” They can also be indirectly affected, such as the case with a major US refined oil products pipeline company incident, where IT systems were first compromised, and OT systems were then shut down intentionally by the organization out of an abundance of caution.

There is no silver bullet for cyber security. No single technology or strategy can protect an organization against cyberattacks that are constantly getting faster, stealthier, and more sophisticated. Rather, there are both strategic considerations and sophisticated technologies that need to be employed as preemptive measures by all prudent organizations in the face of the rising tide of ransomware that disrupts industrial environments.

Learn more in the KPMG and Darktrace paper.