Frost & Sullivan and Applied Risk, a DNV company, have joined forces to publish a new white paper outlining practical steps for designing, implementing, and maintaining sustainable operational technology (OT) cyber security programmes.
Securing OT—the control systems that manage, monitor, automate and control industrial operations—is a growing challenge for companies with industrial operations. As OT becomes more connected and networked to IT environments, cyber criminals are increasingly gaining access to, and control of, industrial infrastructure. OT-reliant sectors, including manufacturing, energy, healthcare, and transportation, now appear within the top ten most-attacked industries. The risk of production shutdowns, safety incidents, process disturbance, and other service disruptions is consequently growing.
A Blueprint for Building Sustainable Operational Technology Cyber Security Programmes addresses common concerns facing OT security decision-makers as they invest in protecting their organisations against emergent risks. These include:
- 40% of OT security decision-makers worry about the potential security risks of IT and OT system integration in their organisation.
- 37% say their organisation lacks the expertise needed to develop and maintain a sustainable OT security programme.
- 26% believe that their organisation’s decision-making structure is so complex that it paralyses the OT security planning process.
The white paper provides accessible advice for overcoming hurdles in designing, building, and operating OT security programmes. Frost & Sullivan’s team of analysts has partnered with industrial cyber security experts at Applied Risk to describe useful actions that should be taken at every stage of a programme’s lifecycle, from setting goals and responsibilities to determining vulnerabilities, selecting countermeasures and governance systems, implementing controls, and embedding assurance schemes. The white paper also includes a checklist of ‘to-dos’ to help cyber security, engineering, and management teams avoid pitfalls along the way.
“The industrial sector cannot excel in its digitalisation and automation efforts without robust cyber security measures in place. At a time of increasing geopolitical tension and tightening regulatory requirements, OT security leaders are under greater pressure to demonstrate that their organisation can manage the risks emerging from an increasingly complex cyber threat landscape. But there is relatively little best practice available on how to build sustainable OT security programmes. The white paper that we have published with Frost & Sullivan aims to provide OT security leaders in need with a framework for success,” said Jalal Bouhdada, Founder of Applied Risk and Global Cyber Security Segment Director at DNV.
“A Blueprint for Building Sustainable Operational Technology Cyber Security Programmes addresses the multiple ingredients needed for OT security programmes to have long-term impact. The white paper gives clear advice on the process and technology considerations that must be made, and it shines a light on the importance of people. We outline the stakeholders who must commit to the programme, the culture that must be realised, and the internal and external skillsets that are needed for its success,” added Danielle VanZandt, Industry Manager—Commercial & Public Security at Frost & Sullivan.
To download the white paper, please click here.
About Frost & Sullivan
For six decades, Frost & Sullivan has been world-renowned for its role in helping investors, corporate leaders and governments navigate economic changes and identify disruptive technologies, Mega Trends, new business models and companies to action, resulting in a continuous flow of growth opportunities to drive future success. Contact us: Start the discussion.
About Applied Risk
Applied Risk, a DNV company, is a trusted partner for industrial cyber security driven to safeguard the critical infrastructure our society depends on. Combining cyber security knowledge and experience in operational technology, Applied Risk provides tailored solutions that assists asset owners, system integrators and suppliers to develop, deploy and maintain cyber-resilient operations. Based in The Netherlands, Applied Risk operates on a global scale, helping protect industries such as oil and gas, power, water management, pharmaceuticals, healthcare, manufacturing, maritime and transport.
DNV is an independent assurance and risk management provider, operating in more than 100 countries, with the purpose of safeguarding life, property, and the environment. As a trusted voice for many of the world’s most successful organisations, we help seize opportunities and tackle the risks arising from global transformations. We use our broad experience and deep expertise to advance safety and sustainable performance, set industry standards, and inspire and invent solutions.