Nearly 70 % of industrial organizations have suffered cyberattacks in the last year
ZIUR publishes a new report to help companies keep OT infrastructures safe
Nearly 70% of industrial organizations have suffered cyberattacks in the last year, according to ABI Research and Palo Alto Networks. This worrying figure has led ZIUR, the Industrial Cybersecurity Center of the Provincial Council of Gipuzkoa, to publish a new report on "Authentication Mechanisms in Industrial Environments" to help companies keep their OT (Operational Technology) infrastructures safe from cyberthreats.
Many of these threats target industrial components that control various processes within organizations, from temperature monitoring in industrial ovens, to the control of robotic arms on assembly lines, to the various monitoring panels for all the control components found in an industrial plant. These types of components have always been left out of security, as they were not directly connected to the internet.
However, the situation has changed, and these components must also be included in the business protection plan. Therefore, access to work machines must be regulated, since even if the component is not connected to the larger network, it may be connected to the corporate network and accessible to attackers.
The ZIUR report proposes that organizations take concrete actions to manage access and protect their assets. Recommended measures include maintaining an inventory and identifying the areas where these assets are located, assessing access, creating appropriate policies, and implementing technologies that facilitate access control and user identification. It also recommends monitoring the actions taken to measure their effectiveness, implementing centralized identity and access management, training and raising awareness among staff to promote good security practices, and having threat detection capabilities.
Furthermore, the ZIUR report highlights the IEC 62443-4.2 standard, which emphasizes the need for continuous auditing and monitoring mechanisms that record and analyze authentication and access control events, facilitating early incident detection and timely response.
The Gipuzkoa Industrial Cybersecurity Center emphasizes that authentication in industrial environments faces increasing challenges, making it essential to implement robust mechanisms tailored to the specifics of the sector. Combining traditional and emerging methods, integrating with organizational policies, and efficiently managing the credential lifecycle are essential to protecting critical assets and ensuring operational continuity.
See the report here.