Nozomi Networks believes that 2023 will be a pivotal year for cybersecurity developments in the OT and ICS industries.
Danielle Jablanski, OT Cybersecurity Strategist, Nozomi Networks, says that as cybersecurity moves toward 2023, the trends of the past few years are holding strong.
She says that rapid innovation in the OT and ICS sectors is evident, and security remains of the utmost importance.
“In the coming years it will be more important than ever for companies to clearly understand their operational technology assets.
Jablanski notes that predicting the future of the operational technology (OT) and industrial control systems (ICS) industries is challenging due to the fact that data in these fields is often difficult to access.
She says that by 2023, increased cybersecurity investments will need to be made to protect against ransomware, unplanned downtime, and other potential threats. She also says it’s particularly important as a recession could worsen the impact of these threats on businesses.
“As we enter 2023, enterprises are finding the right operating model for OT security, managing with limited internal skills and reworking already established IT responses. IT and OT have traditionally been substantially different fields with divergent priorities.
“For OT, IT teams may not have access to the correct OT knowledge to process data in a triage or response situation, while OT engineers have this full knowledge of continuity and security issues, but not they necessarily have the IT expertise to understand how to do it. to process security data and assess continuity impacts.
Jablanski says that collaboration with governments and other organizations has led to a more holistic understanding of risks and solutions, and this will only continue as new threats emerge. He also believes that IT continuity and risk assessments will extend to OT, using risk and impact frameworks to develop scenarios that could play out on the industrial side of the business.
Market analysis also predicts a significant boom, with sensing, digital transformation, operational resilience, interoperability, governance, and standards being critical drivers of demand.
Jablanski says the INCONTROLLER attacks of 2022 proved that ICS was not immune to cyber threats. Although this attack was thwarted before any such incident, it was only the fourth malware attack targeting ICS.
“With the increasing integration of ICS into organization-wide networks, the profitability of an attack has increased, as has the surface area for vulnerabilities,” he says.
It was noted that both the public and private sectors worked on internal governance in 2022, and collaboration with the private sector will provide greater situational awareness and better analysis of industries at risk in 2023. Jablanski says that internal governance will work to build even more asset inventories. , delegate security responsibilities and unite OT and IT under one umbrella.
Behavioral analysis and anomaly detection are also set to play a key role in improving threat intelligence and overall security postures for network operations.
“Anomaly detection can alert to deviations from normal communication patterns, as well as variables within processes, such as sensor readings and flow parameters,” Jablanski says.
“By combining this process data with communications data, we can gain actionable intelligence that informs security procedures and reduces overall risk.”
Jablanski ends by highlighting that, globally, the importance of protecting critical infrastructure and building resilience in industrial sectors and hyper-connected facilities is becoming increasingly evident.
“Governments, public-private partnerships, insurance providers, and international organizations are recognizing the need for robust cybersecurity measures in the face of growing threats,” he says.
“In the coming year, trust and verification will be more important than ever for OT cybersecurity stakeholders, who are concerned with everything from physical security and environmental impacts to the provision of goods, services and resources” .