Cybersecurity from an attacker’s perspective. What businesses must do to boost IoT and OT security?

Industrial Control Systems (ICS) are critical to a nation's economy. As a result, a minor slip-up in their security can have a crippling effect on the nation's economic progress, in addition to the loss or damage, to proprietary information. The scenario can be best explained through two major cyberattacks that targeted critical ICS systems in 2022.

America’s largest satellite company Viasat faced the biggest cyberattack by Russia in February, when a ‘viper malware’ named AcidRain erased critical data from all its modems and routers, causing permanent disablement of their machines. In another instance, the Federal Bureau of Investigation (FBI) warned about USB-based attacks. Infected USB drives were purportedly mailed from the US Department of Health and Human Services or in gift boxes from Amazon. Such infected drives were planned to be used predominantly to infiltrate logistics, insurance, or military units and the infamous FIN7 was reportedly behind these attacks. The perpetrators had financial motives.

All this makes it clear why modern businesses should focus on observability regarding the Internet of Things and Operational Technology (IoT and OT) security. The significant factors hindering the progress of holistic cybersecurity measures are as follows:

• Increasing network connections and industrial network protocols
• Screenless systems
• Feasibility of security patches and updates
• Poor device and network management
• Insecure interfaces
• Skill gap

Much is at stake as industrial infrastructure gets more internet based. In a dynamic and unpredictable landscape, vulnerabilities in the cloud and challenges in IoT/OT lifecycle management put enterprise security and individual privacy at risk. The consequences are no less harrowing, ranging from financial damages to compromising national security.

Thus, stringent standards and processes should be in place to keep the private sector secure. Responsible for addressing OT concerns, the Cybersecurity and Infrastructure Security Agency (CISA) started the Joint Cybersecurity Defense Collaborative Industrial Control Systems (JCDC-ICS) group in April 2021. Its members include manufacturers, integrators, security providers, owner-operators, and device manufacturers. In addition, the President of the United States (POTUS), Joe Biden, released

cybersecurity standards labels for IoT devices. Setting the groundwork for the free flow of data and ideas with trust, the mandate, as quoted, works "to counter the exploitation of (Americans') sensitive data and illegitimate use of technology, including commercial spyware and surveillance technology." The major enforcements are underway, and some are due in the spring of 2023.

Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) have been implementing various strategies across all layers of the OT-IoT ecosystem for some time. However, according to our cybersecurity experts, the most important measures include the following:

• Baseline security standards
• Charting out principles and certifications across extended enterprises
• Charting out principles and certifications across extended enterprises
• Establishing Cybersecurity Mesh Architecture (CSMA)
• Proactive and remediation of threats
• Building Zero Trust (ZT)- based resilience and risk management architectures and frameworks
• Simulating the threat landscape to gain cyberattackers' perspective and implement better security controls

Our cybersecurity consultants have helped many businesses secure long-term growth by providing a robust OT-IoT security framework and solutions. In this regard, businesses can avail of multiple benefits like:

• Securing their distributed workforce by implementing effective security controls on employee and organizational devices.
• Software-defined networking enables the automation of security tasks across disparate and complex networks, in line with the evolving complexity of modern devices and networks.
• Simplified and seamless cloud infrastructure that boosts security across workflows for data protection by minimizing exposure and vulnerabilities.
• Assured transparency across multiple devices, systems, and locations.

Modern businesses must adopt a risk-assessment approach, which allows them to assess their cyber vulnerabilities and loopholes through the eyes of a cybercriminal. Keeping cybersecurity as a primary determinant during third-party and business engagements can improve cyber protection in the long run. Vendor consolidation, automation of common security operations, and integrated security solutions can help companies reduce costs and overall complexity. In addition, hiring professional cybersecurity consultants can help businesses enhance the availability, integrity, reliability, productivity, and safety of their phygital ecosystem.