The culture clash between IT an OT operators has taken a back seat to three emerging security issues for the industrial control systems (ICS) community.
In an article for the ISA Global Security Alliance, Danielle Jablanski, senior research analyst at Guidehouse Insights, says debates over proprietary versus open source security tools, supply chain management battles, and an increasingly bleak landscape of Internet of Things (IoT) vulnerabilities are major hurdles facing security leaders and security operations centers.
With this issues in mind, and as cybersecurity incidents like SolarWinds and smart device source code breaches become more common, Jablanski says it’s time to get serious about securing ICS.
“Piecemeal approaches to vulnerability patching and compliance box checking won’t prevent sabotage by a threat actor,” she said. “Critical sectors need to take note and plan inquiry and action to perform bottom-up assessments of critical operations, systems, and information.”
To build real momentum, she added, organizations need to do reconnaissance on their operations and begin testing their assumptions. Jablanski noted two new standards that may help:
Complexity demands a trusted guide with the unique expertise and cross-sector versatility to deliver unwavering success. We work with organizations across regulated commercial and public sectors to catalyze transformation and pioneer new directions for the future.