Industrial Cybersecurity Pulse’s top 5 articles from June 2023 covered zero-trust architecture, protecting manufacturing execution systems (MES) and driving Industry 4.0 through information technology (IT) and operational technology (OT) convergence. Here is our top-performing content from the past month.
1. Podcast Ep. 26: Dennis Hackney on Zero Trust in OT
By Gary Cohen and Tyler Wall, CFE Media and Technology
Zero trust is a security framework that requires all users, from inside and outside an organization’s network, to be authenticated, authorized and continuously validated for security configuration and posture before being granted access to applications and data. You’ve heard it since you were a child: You should never trust strangers. This same concept also applies when protecting your operational technology (OT) devices. Dennis Hackney, adjunct professor at Texas A&M University and seasoned cybersecurity practitioner, joined ICS Pulse on the podcast to discuss zero trust in OT and how it applies to other standards.
2. Podcast Ep. 27: Sung Kim on Protecting MES
By Gary Cohen and Tyler Wall, CFE Media and Technology
A manufacturing execution system, or MES, is a software system that monitors, tracks, documents and controls the process of manufacturing goods from raw materials to finished products. While good for business, MES can be targeted by attackers to gain unauthorized access to sensitive data, intellectual property and production processes. Sung Kim, chief product and technology officer at iBase-t, joined us to discuss why MES are prime attack vectors and what can be done about it. In this discussion, Kim explains why MES are vulnerable, what can happen when they get attacked and how to protect MES from insider attacks.
3. Throwback Attack: Christmas attack on SickKids hospital prompts rare apology from LockBit
By Gary Cohen, CFE Media and Technology
Over the years, a standard formula for Christmas movies has been well established. Some villainous miscreant attempts to sabotage the holiday season, ruining it for a group of kind-hearted but downtrodden children. In the end, the Christmas spirit reigns supreme, and goodness triumphs over evil (See: “A Christmas Carol,” “Home Alone,” et al.). In a perfect malevolent storm of Grinchian proportions, hackers attempted to make this cinematic trope a reality just days before Christmas in 2022. On Dec. 18, Canada’s Hospital for Sick Children, better known as SickKids, was hit by a LockBit ransomware attack that impacted its internal systems, phone lines and website.
4. Balancing the scales: How IT/OT convergence is required to support the next industrial revolution
By Benjamin Arnold, Interstates
There have been plenty of industry discussions around the need for IT/OT convergence. Much of the talk has concerned investment in cybersecurity, but in reaction to what? While there is good cause to be proactive in terms of cybersecurity, is there a better reason for driving business value from IT/OT convergence? What is it about digitization, the motivating force behind Industry 4.0, that can deliver business value? And finally, what is it about the separation of the IT and OT disciplines that requires convergence in the first place?
5. The best advice for end users trying to secure connected OT devices
By Suzanne Gill, Control Engineering Europe
Though more and more devices are now connected in manufacturing environments, many organizations still struggle to keep their OT systems cybersecure. Protecting OT can rely on some of the same tried-and-true techniques used by IT professionals, but there are still major differences that can’t be ignored. Much of this cybersecurity gap can be traced to a lack of communication between the two sides. Suzanne Gill posed the following question to a variety of cybersecurity experts: What is the best piece of advice you can offer end users keen to ensure that their connected OT devices do not offer a potential attack surface for bad actors?
Do you have experience and expertise with the topics mentioned in this article? You should consider contributing content to our CFE Media editorial team and getting the recognition you and your company deserve. Click here to start this process.
