What does the threat landscape look like right now for OT?

This post was written by: John Clifton

Joining us for episode 50 of The Tech That Connects Us was David Brown Vice President and General Manager, International Sales – ZeroFOX. We heard his insights on the OT domain – where he’s headed up both IPOs and acquisitions, what really keeps CISOs up at night, alternative models for industry events, how to recognise the potential in new hires and that’s just the tip of the iceberg.

One question Jake Sparkes and John Clifton put to David was ‘What does the threat landscape look like right now for OT?’ Here’s what he had to say.

“There’s no doubt that there are more types of attacks now on OT. We’re seeing ransomware popping up a lot more commonly, or at least we’re hearing about that more now. 

One of the interesting bits about OT is actually when you look at the infrastructure it’s built on. I’d still say that Windows NT and XP are probably the most prevalent operating systems in an OT environment around the world. 

So what does that mean? It means that there’s a tonne of exploits available straight off the internet, you don’t need to be that smart. But if you work up through the levels of sophistication and if we’re talking about large organisations they’ve got quite a sophisticated security posture. 

The two things that I think are really interesting at the moment in that space is the consolidation of the technology to see what’s going on in your OT network. Because if you are a CESO or an information security director then you’ve got more flashing lights than you know what to do with. You may also have an ageing workforce without the domain expertise to understand what’s going on. 

So I think there’s going to be a bigger drive for how do you consolidate all that stuff into a single pane of glass, there’ll be a drive to provide either AI or a managed service that provides recommended actions and remedial work for the top three to five actions that the organisation needs to be focused on. And those actions will be evidenced by what’s going on outside in the rest of the world. 

The second thing that’s of interest at the moment is risk. So you’re seeing now there are new bills going through in the US, and CESOs are looking at what’s the risk across all of my platforms IT and OT. A drive for this is that it’s not been so easy to understand what’s going on with OT, because you’ve had all these flashing lights and an unconnected system, with a lot of tech but it’s just not connected.  

The reason they want to know what their risk is because there’s also a developing insurance market where a number of insurers are getting together and looking at how they can take IT and OT cyber risk and turn that into a sellable product. When we look at the potential of that market it’s probably 30-40 times the size of the complete OT market. What I can see we will get to in the next 2-3 years is a similar system to the black boxes currently being used by vehicle insurers, so you’ll have a premium and it will vary depending on your attitude to risk and your controls that are in place across the whole estate. That then allows organisations to make an economic decision because you might say I will stand the increase in premium which justifies me doing these things across my plant. 

This then becomes a very much return on investment decision. It’s not about fear, uncertainty and doubt it’s actually about economic imperative.” 

Every Wednesday we sit down with some of the biggest names in our industry, we dedicate our podcast to the stories of leaders in the technologies industries that bring us closer together. Follow the link here to see some of our latest episodes and don’t forget to subscribe.     

Let's talk

    Or contact us on one of our social profiles.

    Facebook Icon Twitter Icon LinkedIn Icon