The news out today from Cisco about a massive breach of routers and storage devices – including notable infections in Ukraine – shows that hackers continue to attempt to penetrate the Information Technology (IT)/Operational Technology (OT) barrier. Common techniques like spear phishing and credential compromise, as well as what we’ve seen from past attacks like NotPetya, expose the requirement for basic defenses like proper segmentation and patching in the OT area. A strong identity tie-in and multi-factor authentication for access to a plant is the baseline. As companies and agencies evolve their cybersecurity strategies, the need for risk-adaptive protection to understand the behavior of the adversary in the industrial or operational portion of the network is even more important.
- George Kamis is CTO of Forcepoint Global Governments and Critical Infrastructure