There’s a perfect storm coming in 2024, predicts Omny CTO Haakon Mørk, and it’s dramatically altering the cybersecurity landscape for the industrial world. Here he lists out priorities to take and some key factors influencing those priorities as we into the new year.
"This storm will be felt by industry, and to defend industrial operations from rising threats, organizations will need to have clear prioritizations and smart risk mitigation," Mørk explains.
To begin with, here are some key factors Mørk sees influencing the industrial cybersecurity landscape in 2024.
Factor one
The first factor hitting industry in 2024, according to Mørk, is the changing regulatory landscape, such as the EU’s NIS2 directive, which will come into play next year. It’s a directive that forces organizations of all types, and critical asset owners in particular, to confront their vulnerabilities, face the risks head-on, and plan for how to mitigate and protect their operations from cybersecurity incidents.
Factor two
Next, there is the threat landscape itself. With the unstable geo-political situation, a planet struggling to combat climate change, combined with the ease of access to ‘how-to’ hacking guides widely available on the internet, the threat picture has become much bigger, bolder, and more likely to happen.
Factor three
The final element in this perfect storm is the widening digital surface across industry. As more industrial operations are transforming, the surface area for cyber-attack grows. It means, Mørk explains, that more attacks will be more successful, as there’s simply more space to target.
It’s time to start preparing your industrial cyber defenses for 2024.
“The threat picture may seem grim, but there are actions that can be taken now to protect yourselves and your operations. It’s about equipping the right people in the organization with the right information, just as we do in IT cybersecurity, so too can organizations take quick action on low hanging fruit, while also preparing, and preventing against worst case scenarios," adds Mørk.
And for that, Mørk suggests 3 priorities that should top the industrial cybersecurity agenda:
Priority 1: Get visibility over your operations
In the IT cybersecurity world, the people responsible for the security of your operations are armed with information across all devices, types of software, and common vulnerabilities. This is cyber visibility. However, in the operational technology (OT) security world, this is lacking. Most industrial companies today still do not have operational cyber visibility across these interconnected machines, nor into their vulnerabilities.
“The first step in your cyber risk planning is to get this visibility, know what’s there and how you are configured. Only then, can you start thinking about priority two,” Mørk says.
Priority 2: Manage your assets from a cyber perspective
Now that you have visibility over your connected assets, the next step is to prioritize the management of the vulnerabilities. To do that, you need to understand the environment you are in and the potential impact of those vulnerabilities. In IT, if you see a vulnerability, you typically run a security update to ensure that all employees stay safe. In OT, it’s not as simple.
“Running a patch on the signaling system for a railroad for example, may have serious implications, such as the risk of downtime. To properly manage your assets from a cyber perspective, it’s essential to understand the cause and effect of the vulnerabilities at play and how that may have consequences for your operation,” explains Mørk.
Priority 3: Take action to mitigate risks
The first priority is to get an overview of your operations and all its connected parts. The second priority is to manage (and understand the cause and effect) of all those connected parts. Which means the third priority is all about taking action to reduce your risk. To do this, you need to be smart about how you budget for your OT cyber defenses, because chances are you don’t have an endless pool of money. That’s why you need to assess where you get the biggest bang for your buck.
“You need to look at two things. First, what are the most important assets to protect? These are your crown jewels, but that doesn’t necessarily mean throwing your entire budget at protecting them. You should see this in the context of what’s most likely to happen. What are the most common threats?” says Mørk. “Essentially, find the middle ground between what’s most important to protect and what’s most likely to happen, and then design your budget accordingly.”
With so much happening this year, industrial companies may not know where to even begin. We created Omny Advisory Services for this specific purpose. Why not take a moment to speak with our team and see how the experts at Omny would suggest you continue your industrial cybersecurity journey? Touch base with us through this link.