• Partners
  • Contact Us
  • Client Support
Coretelligent
  • About
    • Why Choose Coretelligent As Your Managed Service Provider?
    • Core Values
    • Leadership
    • Testimonials
    • Careers
  • Solutions
    • Overview
    • IT Planning & Strategy
    • Comprehensive IT Support
    • Security & Compliance
    • Unified Cloud Management
    • Backup & Disaster Recovery
    • Co-Managed Services
  • Industries
    • Overview
    • Financial Services
    • Real Estate
    • Life Sciences
    • Technology
    • Professional Services
  • IT Resources
    • Resource Library
    • Blog
    • Events
    • Press Releases
    • Media Coverage
  • Contact
  • Search
  • Menu

Insights Articles

Our Information Technology Views and Articles

Cybersecurity Advisory on Ensuring the Security of Operational Technology

Insights
July 7, 2021

Operational TechnologySome of the government’s top agencies tasked with cybersecurity (the NSA and CISA) have recently shared serious warnings about increased cyberattacks on operational technology and critical infrastructure.  The Colonial Pipeline ransomware attack and the Cape Cod ferry attack are examples of recent high-profile successful attacks on operational technology systems.

“As we’ve said many times, our adversaries are capable, imaginative, and aim to disrupt essential services, so it is important that we make sure we are staying ahead of them,” said Bryan Ware, Assistant Director for Cybersecurity, CISA, earlier this year.

What is Operational Technology (OT)

Most people have a firm grasp on what IT, or information technology, encompasses but have never heard of OT, or operational technology. OT integrates hardware and software that guide the operations of infrastructure and industrial equipment and processes.

Common examples of OT assets include building management systems and physical access and security systems. In addition, ATMs are common operational technology assets that many of us utilize every day.

Why Am I Hearing About OT All of a Sudden?

These systems used to be entirely offline, but technological advances, including Internet of Things (IoT) technology, have brought many industrial processes and operational assets online. This trend is part of Industry 4.0, which is driven by interconnectivity, automation, machine learning, and real-time data. Think of it as the industrial revolution but set in the information era.

However, sometimes innovation bursts to the forefront before the consequences of real-world implementation catch up. For example, many legacy OT assets that are now connected to networks around the world do not have extensive cybersecurity controls—cybersecurity wasn’t necessary before they were accessible via the internet. Additionally, the innovation and use of IoT technology are ripe for exposing security gaps as industries and companies rush to capitalize on efficiencies and growth potential from the technology.

What Sectors Utilize OT?

The obvious industries impacted are ones seen in the news recently—energy pipelines, mass transit, and food production—but many other sectors also have the potential for exposure. For example, biotech and pharmaceutical companies that utilize OT in manufacturing processes, the use of Supervisory Control and Data Acquisition (SCADA) in industrial construction and real estate development, and in the banking and finance sector with the growth of automation systems like Robotic Process Automation (RPA). While not all sectors are vulnerable to direct OT attacks, most are indirectly vulnerable—primarily from attacks on supply chains, mass transit and transportation systems, energy distribution, or similar all-encompassing infrastructure.

Key OT Cyber Security Takeaways

The solutions for protecting OT are very similar in many ways to protecting IT.  Here are just some of the items to consider when evaluating your operational technology risk.

  • Evaluate – Every connection between OT and IT increases the risk of potential OT exploitations, so experts recommend that only critical OT assets should be connected to networks and not just for convenience’s sake. Instead, thoughtfully consider the potential risks and rewards or making new or supporting existing OT connections to your networks.
  • Harden – Additionally, any OT connections should be hardened to the greatest degree possible and include strict controls on remote access services, strong password management, the use of a VPN and encryption of remote access, among other protections. Patch management should also be a priority in OT security to help protect against known exploits.
  • Monitor – Implement real-time monitoring and log access attempts to detect unauthorized access attempts and other malicious activity.
  • Plan – With increased risk comes the potential for an incident. Therefore, risk management is not just about avoiding an attack but should also include creating an incident response plan that includes OT assets and IT.

About Coretellligent

Led by world-class technology experts, Coretelligent offers best-in-class services covering a full range of technology needs: 360 Support, Unified Cloud Management, CoreBDR, and CoreArmor. Top-tier organizations in the financial services, life sciences, technology, legal, real estate investment, and professional services sectors rely on Coretelligent to maximize their technology return on investment.

by Jen Wallace
Tags: cyber attacks, cybersecurity, Life Sciences, operational technology
« Coretelligent Kaseya RMM – Proactive Security Hardening UpdatesHow Can a Virtual CIO Improve Your IT Strategy? »

Latest Insights / Articles

May 18, 2022

The Dangers of Data Exfiltration in Cyber Attacks

April 28, 2022

3 Things Your CISO Wants You to Know About Risk Management

April 25, 2022

Understanding Common Vulnerabilities Facing Life Sciences

April 25, 2022

10 Questions to Ask a Potential Managed IT Service Provider

Read our Latest Resources
Best Practices for Safeguarding Against Critical Cyber Threats

Safeguard Against Critical Cyber Threats

Download Now
Strategic IT Planning

Paving the Road to Success with Strategic IT Planning

Download Now
Solving Cybersecurity for Financial Services On-Demand Webinar

Solving Cybersecurity for Financial Services On-Demand Webinar

Download Now

About

  • Why Choose Coretelligent As Your Managed Service Provider?
  • Core Values
  • Leadership
  • Testimonials
  • Partners
  • Careers

Solutions

  • Overview
  • IT Planning & Strategy
  • Comprehensive IT Support
  • Security & Compliance
  • Unified Cloud Management
  • Backup & Disaster Recovery
  • Co-Managed Services

Industries

  • Overview
  • Financial Services
  • Real Estate
  • Life Sciences
  • Technology
  • Professional Services

Contact

Sales & Support: 1-855-841-5888

Email: info@coretelligent.com

Support Service Center

Let’s Talk

Schedule a no-obligation consultation.

Contact Us Today

Locations

Atlanta

Boston

Chicago

Dallas

Houston

Los Angeles

Maryland

New York

Philadelphia

Portland

San Francisco

Stamford

Tampa

Washington, D.C.

West Palm Beach

Virginia

Follow Us

  • Facebook
  • Twitter
  • LinkedIn

© 2022 Coretelligent. All rights reserved.

Privacy Policy

CCPA Privacy Notice

Scroll to top

This site uses cookies. By continuing to use this site, you accept our use of cookies. Our privacy policy was recently updated on November 2, 2018. Learn more about our Privacy Policy here.

I Accept