Many OT cyber security experts don’t understand the systems they are trying to secure – the square peg in the round hole

There is an old saying about not forcing a square peg into a round hole. The square peg is IT and OT network security. The round hole is the insecure ICS field device.

On September 8, 2022, RSA held the RSAC 365 Virtual Seminar & Innovation Showcase: OT & ICS Security. The session focused on the square peg of IP network cyber security. Then, on September 11, 2022 (9/11), Top Cyber News released its September issue, which focused on the round hole of control systems and devices. Without the ICS devices working properly, facilities cannot operate reliably and safely, whereas facilities can operate without the IP networks, as demonstrated by the recovery from the 2015 Ukrainian power grid cyberattack.

When offensive cyber operators attack an industrial or manufacturing system, their approach is to identify the impact they want to achieve and then study the systems to find the best way to accomplish that goal. OT cyber security defenders, by contrast, assume that what needs to be defended is the OT networks, and that it is therefore not important to understand how the systems they are trying to protect work. In order to defend and optimize the plants, buildings, facilities, and transportation, one needs to understand how the systems and components work. It doesn’t make sense that the approaches attackers have used to successfully compromise physical infrastructures continue to be ignored by cyber defenders.

http://www.realtimeacs.com

Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.