Operational technology (OT) interacts with crucial real-world infrastructure, empowering everything from energy plants to manufacturing facilities. Such environments are obvious targets for cyberattacks, but OT security often leaves much to be desired.
OT is a broader concept than IT, describing the systems, both software and hardware, that underpin industrial environments. This means OT works directly with the physical world: things like Supervisory Control and Data Acquisition (SCADA) systems or Industrial Control Systems (ICS).
While there’s significant overlap with IT, the priorities are very different. As the UK’s National Cyber Security Centre (NCSC) notes:
“Where cybersecurity for IT has traditionally been concerned with information confidentiality, integrity and availability, OT priorities are often safety, reliability and availability, as there are clearly physical dangers associated with OT failure or malfunction.”
Key password challenges in OT security
OT environments aren’t just tempting targets for criminals, they are also uniquely vulnerable. For instance, the hardware and software in these environments is often outdated and resource-constrained, notes the World Economic Forum.
And things are growing more complex. IT and OT are increasingly intermingled, creating the potential for a criminal to exploit user credentials or reused passwords and to expand their attacks. The Internet of Things (IoT) introduces a new layer of connected systems that naturally increases the surface area for attack.
There are also unique challenges when it comes to passwords. As in the IT space, passwords remain a core function of security, even when users deploy multi-factor authentication (MFA) and other complementary approaches. However, the OT sector faces exacerbated risks and even unique dangers when compared with IT.
Interested to know how many of your users have weak or breached passwords? Run a read-only scan of your Active Directory today with our free tool: Specops Password Auditor.
Shared accounts and workstations
... continue reading