What makes operational technology (OT) particularly vulnerable to cyber attacks?
Sort By:
Oldest
VP, Director of Cyber Incident Response in Finance (non-banking)2 years ago
You often hear that same frustration: why would somebody just be sitting in your network and not doing anything? You’d think that they would be looking around for a way to take action on that endpoint or network. But they could just be an access broker that will wind up selling that access at some point down the road.
SVP in Finance (non-banking)2 years ago
It’s because there are so many firms using end-of-life products, especially in the manufacturing sector. They can't be upgraded. The software that was developed years ago is no longer in use anywhere, so you can't even ask for an updated patch. They’re just assuming the risk and operating it, which is pretty common these days.
But another factor is that at many manufacturing companies, there's an OT team and an IT team that are in conflict with each other all the time. The OT lead will say, "The IT team doesn't get it because our machines are running protocols that no longer exist in the IT world.” OT is running ISA cards in the machines and IT is telling them to upgrade to USB. But OT says, "No, because that will break the manufacturing line and then it will be your fault when production is down." It’s an interesting problem to solve: how can we get IT and OT to start working together, or be one group? It's not easy.