OPERATIONS
These systems , often responsible for critical infrastructure , require specialised protection against emerging cyber threats .
Manu Gopeendran , Industry Analyst and SVP Strategy and Marketing at MetricStream , emphasises the vulnerability of OT systems to cyber attacks : “ Monitoring these systems is imperative because cyber hacks or attacks can immobilise important infrastructure – such as water plants or energy processing systems – and therefore supply chains .”
The challenge is compounded by the prevalence of legacy systems .
Manu continues : “ Often , these systems are run by legacy hardware and software and can be brought down by simple missteps such as insider access – outdated employee credentials , for example – or out-of-date software that creates simple access for hackers .”
OT assets are involved across the entirety of the physical supply chain . This might include assets in the production line that create products , the vehicles that move those products to where they are needed and , potentially , telemetry and data from the products .
“ Getting data together can make your supply chain more efficient , as you can understand where your products are in demand and manage your shipping and supply lines to be more efficient ,” explains Matt Middleton-Leal , Managing Director EMEA at Qualys . “ You can be more profitable by responding to changes in market demand faster . All these decisions rely on data from your network of OT assets .”
MANU GOPEENDRAN ’ S ROBUST THIRD-PARTY RISK MANAGEMENT PROGRAMME
• Identification of critical suppliers
• Performing deep due diligence on suppliers during onboarding , including assessment of cyber risk posture
• Ongoing monitoring for changes to cyber risk
• Contractual notification of cyber events
• Timely offboarding of suppliers to prevent use of credentials
However , this connectivity inevitably introduces new risks . Connecting OT assets that weren ’ t initially designed to be on the Internet can cause significant issues .
“ Once you start getting that data , there is a potential route back to those machines that can be exploited ,” Matt goes on . “ This is particularly problematic when you have older assets in place that are potentially out of date and don ’ t have security fixes for any problems .”
Integration challenges and solutions Integrating legacy OT systems with modern , cloud-based platforms presents one of the most significant obstacles facing supply chain leaders today .
This combination of technologies old and new creates unique security considerations that require careful management .
114 December 2024