When it comes to power generation, chemical processing or oil production, not all computer networks can be treated equal. Though they appear to share similar technologies, information technology (IT) networks and operational technology (OT) networks are two very different environments. And, unfortunately, the traditional means of security, such as patching, do not work for critical infrastructure systems.
Kim Legelis, vice president of marketing at Industrial Defender, recently spoke with Fahmida Rashid of SecurityWeek and explained the reason why security needs to be different for ICS.
“Industrial control systems that handle many of the functions in critical infrastructure are very different from traditional IT networks and equipment. Not only were control systems originally designed to be isolated from the rest of the network, they aren’t intended to be patched on a regular basis. These systems aren’t something that can be down for maintenance on Sunday evenings at 11pm.”
If your local power plant or an electrical grid shut down for a “routine maintenance” check, thousands of people would be negatively affected. Operators of our nation’s critical infrastructure are tasked with the difficult responsibility of ensuring these systems are up to date and secure at all times, without disrupting the lives of millions of people.
To find out more about securing the nation’s industrial control systems, check out the full article here: Open Source Smart Meter Hacking Framework Released.