Now more than ever, hackers are targeting operational technology (OT). Critical manufacturing businesses rely on these systems to sustain operations. But these same companies often have ad hoc OT cybersecurity. Makeshift protection is no match for ransomware and other threats that cause business disruption, data theft, reputational damage, and financial losses. What's more, cyber threats are intensifying: Emergent malware is designed to exploit OT vulnerabilities at scale. Most OT security incidents start with external threats and lead to operational disruption, research has shown, and the manufacturing sector is reportedly a top target for ransomware.
Faced with rising risks and regulatory scrutiny, organizations need a more proactive approach designed to ensure safe, reliable, and continuous operations. The solution is to build in-depth security for OT systems. We recently published a cybersecurity guide for OT-enabled critical infrastructure businesses and four steps for integrating OT and IT cyber incident response capabilities. Now, we’ll continue the conversation by describing seven steps that manufacturing companies can use to create defense-in-depth OT security strategies. These steps are for chief information security officers, OT security leaders, and their teams.