OT/control system cyber security has changed and not for the better

There has been significant progress in securing IT and OT networks. However, one would expect that after 23 years, the “OT” security community would be further along in securing critical infrastructures from control system and other kinetic cyber incidents. Unfortunately, the engineers needed to safely secure control systems are generally not involved while the network security personnel who don’t understand these systems are involved. The distinction can be seen by the 2001 ISA Expo where almost all the participants were engineers compared to the September 24, 2024, OT session at the HouSecCon Conference where almost all participants were from network security. Having said that, there is still hope. My presentation to the American Petroleum Institute (API) Cyber Security Conference November 12th, 2024 in Houston will be on cyber security of process sensors. Additionally, the Institute for Homeland Security at Sam Houston State University published my paper “Who’s in Charge of OT security” which seems to be going viral. There is one electric utility that is addressing control system cyber security. I don’t know of any water utility that is addressing control system cyber security. Hopefully, there may be light at the end of the tunnel.

https://www.controlglobal.com/blogs/unfettered/blog/55233758/ot-control-system-cybersecurity-has-changed-and-not-for-the-better

http://www.realtimeacs.com

Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.