Cyber-Informed  Engineering  –  A  New  Perspective  on  OT

            Security



            By Andrew Ginter, VP Industrial Security, Waterfall Security Solutions


            Cyber-Informed  Engineering (CIE) is a new perspective on OT cyber risk – one that is being embraced
            by OT/engineering  teams and IT/enterprise cybersecurity teams alike. This kind of consensus among IT
            and OT teams is unprecedented in the twenty-year history of the OT security field.



            Threats

            The OT threat environment continues to worsen, which means we have an increasingly pressing need to
            engage IT and OT teams in addressing material cyber risks to physical operations. In particular, in 2023,
            68 cyber-attacks shut down, damaged, or otherwise physically impacted over 500 operational technology
            (OT) sites, according to the latest Waterfall / ICSStrive 2024 Threat Report. The rate of this class of attack
            was mostly  “flat” between  2010 and  2019, with zero  to five attacks in the public  record  every year for
            manufacturing and heavy industry. Since the turn of the decade, the number of these attacks has roughly
            doubled annually, compounded. The problem of OT security has changed, from a “theoretical” problem,
            to one that is real and growing exponentially.






            Cyber Defense eMagazine – July 2024 Edition                                                                                                                                                                                                          86
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.