CYBERSECURITY TIME TO BOLSTER INFRASTRUCTURE DEFENCES


Carlos Buenano, CTO for OT at Armis, discusses the importance of safeguarding manufacturing and critical infrastructure from cyber threats


Prior to preparing for the coming year, it’s important to first contextualise the severity of the threats facing the UK’s critical infrastructure. Manufacturing, for example, saw a 37% increase in ransomware attacks in the last 12 months, according to Armis Labs, 2024. Critical infrastructure sectors such as energy, water, transportation, and healthcare are becoming prime targets for cyberattacks, particularly from nation-states and advanced persistent threat (APT) groups. The goal of these attackers is often to create widespread disruptions that destabilise economies or gain political leverage.


Such a steep upturn in critical events has elevated the focus on cybersecurity strategy, provision and resilience. Critical National Infrastructure (CNI) must prepare to bolster defences and take steps to enhance the resilience of their mission-critical processes. Ransomware attacks are evolving beyond IT environments and are now specifically targeting OT systems, such as industrial control systems (ICS) in manufacturing plants. These attacks are aimed at halting production lines, leading to prolonged downtimes and severe financial losses. Attackers recognise the high stakes in manufacturing, making these companies more likely to pay the ransom quickly.


As OT systems become more connected and integrated with IT networks, the risk of lateral movement from IT to OT environments increases. The adoption of Zero Trust architectures in OT systems is growing as a way to mitigate these risks. Zero Trust assumes no device, user, or connection is trusted by default, requiring strict authentication and continuous monitoring at every access point. Implementing Zero Trust can reduce unauthorised access and minimise the damage caused by compromised credentials or insider threats.


Many manufacturing and industrial facilities continue to rely on legacy OT systems that were never designed with cybersecurity in mind. These systems often lack encryption, proper authentication mechanisms, and patch management capabilities, making them easy targets for cybercriminals. As replacing these systems can be prohibitively expensive, organisations must find ways to secure them. This might include the use of network segmentation, mitigating controls, and the deployment of security patches whenever feasible. Additionally, real-time monitoring of traffic patterns for unusual activity can help detect breaches in these environments.


AI-driven cybersecurity solutions are rapidly becoming a cornerstone in OT environments as cyberattacks increase in frequency and complexity. These tools can analyse vast amounts of data in real-time, using predictive analytics and anomaly detection to identify threats before they cause significant damage. AI can also improve efficiency and automate incident response processes, allowing systems to react faster than human operators, and even block or contain threats in real-time. This proactive approach is critical, as traditional, reactive security models struggle to keep up with evolving threats.


Manufacturing supply chains are highly interconnected, with multiple suppliers and third-party vendors contributing to production processes. Attackers are increasingly exploiting these relationships, targeting weak links to infiltrate OT systems. Once inside, they can cause production delays, manipulate product quality, or steal intellectual property. Protection involves securing one’s own systems, and also ensuring the security of all partners within the supply chain.


The line between IT and OT networks is becoming increasingly blurred as organisations embrace digital transformation. This convergence creates new vulnerabilities, as a breach in IT can now have direct consequences on OT systems. To address this, organisations are moving toward unified cybersecurity platforms that offer the capability of real-time visibility and protection across both IT and OT.


Attacks on OT systems can result in real-world, physical damage. For example, a cyberattack on a power plant can cause electrical outages, while an attack on a transportation system can lead to accidents or delays. This means cybersecurity must be treated as a priority to prevent catastrophic outcomes.


As the threat landscape for OT systems expands, regulatory bodies around the world are introducing stricter compliance for OT cybersecurity. Regulations such as the NIS2 (Network and Information Security) Directive in the EU mandate strong cybersecurity controls, ongoing monitoring and the disclosure of cyberattacks. Organisations must demonstrate compliance through audits and continuous risk assessments.


The proliferation of Internet of Things (IoT) devices in critical infrastructure sectors has dramatically expanded the attack surface. These devices, often deployed without robust security measures, can serve as entry points for cybercriminals to access core OT systems. For example, compromised IoT sensors, such as smart meters in a power grid, could disrupt monitoring and control functions, leading to major power outages. Securing IoT devices requires strong encryption, regular patching, and strict access controls.


As OT environments become more dispersed geographically, cloud-based security solutions are gaining popularity. These solutions enable centralised monitoring, management, and threat intelligence sharing across multiple sites, improving visibility and incident response times. Cloud platforms can offer scalable security services such as real-time threat detection, endpoint protection, and automated response, all of which are crucial for protecting OT environments.


By taking cybersecurity steps now, organisations can protect against increasingly sophisticated threats and ensure the continued safe operation of critical infrastructure and systems.


Armis www.armis.com


FEBRUARY 2025 | PROCESS & CONTROL 37

