This is the last blog in our series examining cybersecurity issues related to critical infrastructure. This post focuses on future trends.
Cyberattacks on critical infrastructure are occurring more frequently. However, this has not yet created a sense of urgency that something needs to be done to secure these structures further. Here are some ways this could change in the future:
- Segmentation could occur: Most businesses typically have just one line of defense separating threats in the external environment from those in the internal environment, often referred to as “perimeter security.” Once the cyberattacker penetrates the perimeter security, they can essentially gain access to anything they want. With the implementation of MFA and the Zero Trust framework, there have been calls to segment the IT and network infrastructure that exists in the environment. Each segment would have its own set of defenses. The statistical probability of an attacker breaking through all the segments becomes lower with each one, and the attacker gives up in frustration. The same line of thinking can be applied to critical infrastructure. However, these environments all consist of legacy computer systems, which may or may not support the segmentation efforts. Even if they do, there is no guarantee that segmentation will be sustainable for the long term.
- The Internet of Things impacts critical infrastructure: The Internet of Things (IoT) refers to the digital connection of all the objects that we interact with in the virtual and physical worlds. This phenomenon has been further accelerated by the rise of the remote workforce. There is a current strategy in place to integrate the IoT into the world of critical infrastructure, known as the “Industrial Internet of Things” (IIoT). It is likely this trend will dissipate in the future as more cyberattacks are launched against critical infrastructure. With an IIoT in place, the attack surface becomes much larger, and the number of backdoors that the attacker can penetrate is greatly multiplied.
- Financial damage will escalate: As more threat vectors are launched, they become more sophisticated and covert in nature. The financial toll that they will take on critical infrastructure is expected to reach well over the multimillion-dollar mark. It is likely that the recovery period from future attacks will be a lot longer than it is today. With the convergence of the IT and operational technology (OT) realms, the attacker will quickly gain access to either the ICS or SCADA systems via any vulnerability gaps that persist in the network of the critical infrastructure.
- A stronger partnership with cybersecurity: Critical infrastructure leaders will continue to work closely with those in the cybersecurity industry. In addition to implementing security tools/technologies that can interoperate with the legacy ones, there will be a greater effort to share threat intelligence information and data on a real-time basis so that IT security teams can be much better prepared to handle any threat vectors that are looming on the horizon.
- A greater need for cybersecurity insurance: Cyber insurance can help organizations recoup financial losses if they are a victim of a cyberattack. Most companies are under the impression they have full coverage, but it is unlikely they will receive a 100% payout. Even so, critical infrastructure operators are starting to understand the need for some sort of financial protection in the event they are breached.
- Cloud migration: There is a strong push to move on-premises solutions to a cloud-based platform, such as AWS or Microsoft Azure. While there is potential for success as it relates to critical infrastructure, there is also the realization that a full migration may not happen. Most of the technologies for critical infrastructure were developed back in the ’70s and the ’80s, so trying to move everything into something as advanced as the cloud is unrealistic.
It is important to keep in mind that cyberattacks do not just happen to digital assets; they can happen to physical assets as well, including critical infrastructure. The downtime suffered here will be more devastating than security breaches that have occurred in the digital world.