ICS 2022

Since the Colonial Pipeline cyber attack, there has been an abundance of actions taken – from the cybersecurity directives issued by the White House and the Transportation Security Administration (TSA) to the bolstering of IT operations within companies. Despite these preliminary actions from the government, oil and gas organizations, and other industrial sectors within critical infrastructure, it is not enough. 
 
The Colonial incident and the subsequent directives are not only warning bells for the industrial sectors within critical infrastructure but are booming dinner bells for cyber criminals. These adversaries have confirmed that the cyber-physical world is their new battleground and they will continue to find new ways to exploit vulnerabilities and disrupt industrial operations with potentially devastating consequences. They do so by targeting OT networks that run industrial systems instead of IT because the impacts are far-reaching, costly and dangerous. It is important to note that these criminals only need to get it right one time to make a substantial impact and are constantly evolving attack methods.
 
As cyber criminals are strategically changing course to target critical infrastructure, companies must realize that the cyber-physical world is vulnerable and unprotected. Immediate action is necessary to prevent OT networks from being comprised. 
 
This presentation will examine how cyber incidents, like Colonial, Oldsmar Water Plant and the JBS food plant, have highlighted the growing problem of cyber-physical attacks on critical infrastructure and what criminal behavior tells us about future attacks. In addition, this session will explain how the growing convergence of OT and IT cyber have exposed the gaps in OT cybersecurity, why the methods used to protect IT do not work in an OT environment and why all eyes will be focused on OT to prevent growing cyber-physical threats.  
 
Furthermore, this presentation will explain why the current cybersecurity regulations are not enough to spur widespread change while highlighting the market forces that will drive that change. It will also discuss why the private and public sectors need to join forces to advance industrial cybersecurity. Lastly, it will underscore the questions stakeholders must ask and the actions they need to take to fight against criminals in this new battleground, protect their OT environments, and ultimately safeguard their businesses, supply chains, and consumers. The warning bell has sounded but the dinner bell is louder.