Click image to view it in full size

The need for industrial cybersecurity is the result of 2 significant trends: increasing connectivity of all assets and digital transformation initiatives. Information technology (IT) and operational technology (OT) convergence is good but it has its risks because of substandard security frameworks. Connectivity exposes organizations and infrastructure to attacks that have grown tremendously over the last few years (the most obvious and recent is the pervasiveness of ransomware).

During the early months of the COVID-19 pandemic, industrial cybersecurity vendors extended security to employees who needed access to critical infrastructure from anywhere. As employees continue to return to offices/facilities, vendors must maintain security of devices that have not been under the organization’s security umbrella for almost a year.

The Biden administration has been proactive with initiatives to upgrade inadequate systems: the US Department of Energy, for example, started a 100-day plan to improve cybersecurity in utilities’ industrial control systems to secure the energy sector. Vendors expect new regulations in other industries as well, and note that heightened awareness and government actions are dramatic changes from even 6 months ago.