Critical national infrastructure (CNI) covers a wide variety of industries. But what most have in common is that they run industrial control systems (ICS) and other operational technology (OT). Increasingly, these are being enhanced by new investments in Internet of Things (IoT) systems, in a bid to improve efficiency. The problem is, as these legacy technologies are brought online and integrated with IT systems, they become exposed to new cyber risks, with potentially major repercussions.
A new global study reveals that 90% of CNI providers have suffered damage to their environment as a result of cyber-attacks over the past 24 months. To support business growth and minimise risk, CNI firms need to improve visibility and control in these OT environments. Continue reading →
The government is failing to address the cyber challenge facing the UK’s critical infrastructure (CNI) providers urgently enough, a new parliamentary report has claimed. In many ways the challenges facing CNI firms are broadly the same as for other organisations, just that the impact of successful attacks could go way beyond data loss and damaged brand reputation to devastating disruption of daily life and potentially even physical harm to citizens.
The good news is that, in lieu of government action, there are many things that organisations in the sector can do to mitigate risk and improve cyber resilience. They just need to remember to layer up security at all levels of the IT infrastructure, from DevOps up. Continue reading →
Warnings about an imminent “Cyber 9-11”, or a “Virtual Pearl Harbour”, have been with us for years. The most recent was from top US regulator Bejamin Lawsky, head of the New York State Department of Financial Services, who last week voiced public concerns about an “Armageddon-type cyber event”.
Now, most often such dire predictions are used to urge Critical National Infrastructure (CNI) firms to better shore up their defences and improve resilience against possible intrusion. After all, a Unisys report a few months back claimed that 70% of CNI organisations suffered breaches in the past year and 78% of senior security officials said a successful attack on their ICS and SCADA systems was likely in the next 24 months.