Dedicating Cybersecurity Resources to Critical Infrastructure

Power grids, water systems, transportation networks and other vital services are essential to communities but lack substantial cyber defenses. Their vulnerabilities make them tempting targets, whether for nation-states or cybercriminals. For instance, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning earlier this year that a Chinese state-sponsored hacking group already has footholds in multiple networks operated by critical infrastructure organizations, with plans to move laterally through other networks.

Taking the steps needed to protect critical infrastructure requires recognizing that IT security is different from operational technology (OT) security and finding ways to bridge the historical gap between them. Unlike IT, which changes frequently, is software-driven and connects to the internet, most OT centers on hardware with a very long lifecycle and was never designed to connect to the internet. In today’s world, however, the spread of the Internet of Things (IoT) means that more and more OT devices such as sensors gather data from OT systems and transmit them to IT systems for analysis and control – creating a new pathway for hostile actors.

Learning Objectives:

• Review CISA warnings to understand the nature of the risks from OT/IT connections
• Identify steps to find and monitor connections between OT and IT devices, many of which may never have been noticed before
• Evaluate existing cybersecurity measures that can be adapted to incorporate protections for critical infrastructure