Critical national infrastructure (CNI) covers a wide variety of industries. But what most have in common is that they run industrial control systems (ICS) and other operational technology (OT). Increasingly, these are being enhanced by new investments in Internet of Things (IoT) systems, in a bid to improve efficiency. The problem is, as these legacy technologies are brought online and integrated with IT systems, they become exposed to new cyber risks, with potentially major repercussions.
A new global study reveals that 90% of CNI providers have suffered damage to their environment as a result of cyber-attacks over the past 24 months. To support business growth and minimise risk, CNI firms need to improve visibility and control in these OT environments. Continue reading →
The government is failing to address the cyber challenge facing the UK’s critical infrastructure (CNI) providers urgently enough, a new parliamentary report has claimed. In many ways the challenges facing CNI firms are broadly the same as for other organisations, just that the impact of successful attacks could go way beyond data loss and damaged brand reputation to devastating disruption of daily life and potentially even physical harm to citizens.
The good news is that, in lieu of government action, there are many things that organisations in the sector can do to mitigate risk and improve cyber resilience. They just need to remember to layer up security at all levels of the IT infrastructure, from DevOps up. Continue reading →
A new poll has revealed that many MPs regard cyber-attacks on the UK’s critical national infrastructure (CNI) as the biggest online threat facing the nation. The good news is that we have an EU law to tackle exactly this challenge: the NIS Directive. But effective compliance will only be possible if organisations working in these sectors get better at bridging the traditional divide between IT and OT. Continue reading →
Looking back at the past 12 months you could be forgiven for thinking that cyber security is about little more than stopping data breaches and ransomware. These two trends have certainly dominated the headlines of late. But there’s another strain of cyber threat, which is potentially far more serious than losing some data – however damaging that might be to a company or individual. I’m talking about attacks on critical national infrastructure (CNI) designed to cause physical damage and disruption. Continue reading →