Operational technology (OT) is a favorite target for threat actors. OT security incidents can impair business-critical operations, disrupt essential services, and even threaten public health and safety. Numerous disconcerting OT cybersecurity events made the headlines in 2022 including:
- An attack on a UK water company where adversaries gained access to the systems used to control the chemical levels in public water supplies
- A Canadian mining company incident that shut down mining operations for over a week, affecting revenues
- An attack against a US agricultural equipment company that disrupted manufacturing operations at multiple production facilities, impacting business results
Going forward, operators of OT systems must take a fresh look at their security systems, processes, and design principles to reduce exposure and comply with emerging government and industry regulations. This paper examines some of the OT security challenges accompanying digital transformation, reviews the OT threat landscape, and describes practical steps OT systems operators can take to improve cyber readiness and mitigate risk.
