CompTIA CySA+ CS0-003: Critical infrastructure

Critical infrastructure is the set of assets that support the economy and public safety across sectors such as transportation, energy, communications, and agriculture. Operational technology (OT), such as the control systems of a nuclear power plant, has physical effects in the real world, so it is subject to heavier oversight and more audits than ordinary information technology (IT). Industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems are the systems used to run this infrastructure, and they are closely monitored by security teams because one of the biggest threats to critical infrastructure is a cyber attack that takes these essential systems offline.

Operational technology used to be isolated on its own standalone network, but it is increasingly connected to IT networks, including the cloud, to provide remote control and automatic system updates. Because OT ranks near the top of an organization's assets in importance, organizations need to layer multiple security measures around it (defense in depth). Sensors are placed in the OT network to capture data for analytics, and platforms like Splunk are widely used to detect anomalies among connected assets; Splunk is also used by the military to monitor their aircraft. OT devices are not the usual assets you can scan for common vulnerabilities. Tools like Lansweeper can inventory widely used OT equipment and flag outdated firmware, but most companies run their own unique assets, so you need a scanner built for that specific system or you rely on anomaly detection in a tool like Splunk. OT also speaks its own protocols, such as Modbus and MELSEC, which a general-purpose vulnerability scanner does not understand. Worse, active probing can crash or fault a fragile controller, so OT monitoring is normally done passively, by inspecting captured traffic rather than sending packets to the devices.
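As an added illustration of why OT needs protocol-aware, passive monitoring (this is example code written for these notes, not part of the CySA+ material or of any vendor tool), the block below parses Modbus/TCP frames from constructed traffic records and raises alerts for write commands from hosts that are not on an allowlist of engineering workstations, for unusual function codes, and for malformed frames. The IP addresses, the allowlist, and the sample frames are all assumptions made up for the example; the MBAP header layout and function codes are the standard Modbus/TCP ones.

```python
import struct
from dataclasses import dataclass

# Standard Modbus function codes. Writes change device state; reads only poll it.
WRITE_FUNCTIONS = {5: "Write Single Coil", 6: "Write Single Register",
                   15: "Write Multiple Coils", 16: "Write Multiple Registers"}
READ_FUNCTIONS = {1: "Read Coils", 2: "Read Discrete Inputs",
                  3: "Read Holding Registers", 4: "Read Input Registers"}


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes


def parse_modbus_tcp(payload: bytes) -> ModbusFrame:
    """Parse the 7-byte MBAP header (tid, protocol id, length, unit id) and the PDU."""
    if len(payload) < 8:
        raise ValueError("too short for MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", payload[:7])
    if proto != 0:
        raise ValueError(f"protocol id {proto} is not Modbus (expected 0)")
    # The length field counts the unit id byte plus the PDU that follows it.
    if length != len(payload) - 6:
        raise ValueError(f"MBAP length {length} does not match payload ({len(payload) - 6})")
    return ModbusFrame(tid, unit, payload[7], payload[8:])


def inspect(src: str, dst: str, payload: bytes, allowed_writers: set) -> list:
    """Return alert strings for one captured Modbus/TCP request (passive, no packets sent)."""
    try:
        frame = parse_modbus_tcp(payload)
    except ValueError as exc:
        return [f"MALFORMED {src}->{dst}: {exc}"]
    fc = frame.function_code
    if fc in WRITE_FUNCTIONS:
        if src not in allowed_writers:
            return [f"UNAUTHORIZED_WRITE {src}->{dst} unit={frame.unit_id} {WRITE_FUNCTIONS[fc]}"]
        return []
    if fc in READ_FUNCTIONS:
        return []
    # Anything else (diagnostics, device identification, vendor codes) is rare on a
    # production line and is worth a look: it is often reconnaissance.
    return [f"UNUSUAL_FUNCTION {src}->{dst} unit={frame.unit_id} fc={fc}"]


def build_request(tid: int, unit: int, fc: int, data: bytes) -> bytes:
    """Build a well-formed Modbus/TCP request; used here only to construct sample traffic."""
    pdu = bytes([fc]) + data
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


# Constructed sample traffic (src, dst, payload). Addresses are hypothetical.
ALLOWED_WRITERS = {"10.0.1.20"}  # assumed engineering workstation
SAMPLE_TRAFFIC = [
    ("10.0.1.10", "10.0.2.5", build_request(1, 1, 3, struct.pack(">HH", 0, 10))),   # HMI polling: fine
    ("10.0.1.20", "10.0.2.5", build_request(2, 1, 6, struct.pack(">HH", 100, 1))),  # allowed write
    ("10.0.9.77", "10.0.2.5", build_request(3, 1, 6, struct.pack(">HH", 100, 0))),  # unknown host writes
    ("10.0.9.77", "10.0.2.5", build_request(4, 1, 43, b"\x0e\x01\x00")),            # device identification
    ("10.0.9.77", "10.0.2.5", b"\x00\x05\x00\x01\x00\x02\x01\x03"),                  # protocol id 1: not Modbus
]


def run_detection(traffic=SAMPLE_TRAFFIC, allowed_writers=ALLOWED_WRITERS) -> list:
    """Run inspect() over every record and collect the alerts in order."""
    alerts = []
    for src, dst, payload in traffic:
        alerts.extend(inspect(src, dst, payload, allowed_writers))
    return alerts


if __name__ == "__main__":
    for line in run_detection():
        print(line)
```

The point of the example is the parser plus the allowlist: a general-purpose scanner cannot tell a harmless register poll from a write that changes a setpoint, and the only safe way to get that visibility on fragile controllers is to decode the traffic you already capture, which is also the shape of the rules one would load into a SIEM such as Splunk.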