What should organizations do to defend against such OT attacks?

Vijay: Fortunately, while there are numerous cyber risks targeting vaccine production and distribution, there are also industrial cybersecurity best practices that can mitigate such threats:

  • Ensure operational visibility. One of the biggest challenges with securing OT environments is a lack of telemetry, and therefore, visibility into OT networks. Vaccine manufacturers need real-time visibility into all their operational systems linked to the production and distribution of vaccines. This will allow security teams to notice if there is anything out of the ordinary going on in the systems, allowing them to detect, investigate and resolve malicious activity. Additionally, such visibility can help to identify vulnerabilities such as out-of-date operating systems and software, and also any common vulnerabilities and exposures associated with products, allowing them to take action.

    In order to achieve this, organizations need a security solution that overcomes OT-specific challenges such as a lack of standardized technology, the use of proprietary protocols, and a low tolerance for downtime and other disruptions impeding critical processes.
  • Establish secure remote access. Organizations need to use remote access solutions that are purpose-built for industrial environments and that allow for auditing, control and monitoring capabilities. This includes extremely granular role- and policy-based access controls for industrial assets at multiple levels and geographic locations while supporting Zero Trust and Least Privilege security principles.
  • Stay up to date on cybersecurity standards. Organizations can also look to OT cybersecurity recommendations by respective government agencies. Singapore, for instance, is setting up a panel comprising global experts to offer advice on OT cybersecurity as part of the country’s latest cybersecurity blueprint. Organizations involved in the vaccine supply chain can also refer to OT security recommendations released by US security agencies, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA).

Why and how should business leaders at the board level be essentially involved to ensure reliable OT security?

Vijay: The pandemic has caused board-level business leaders across a wide range of industries to pay more attention to OT security, due to the increased need for secure remote access to industrial operations and the accelerated convergence of IT and OT networks. Many of those leaders have now seen first-hand how digital transformation impacted their organization’s ability to adapt to the new circumstances of pandemic life.

For companies that have previously tried to keep their OT networks as isolated as possible and didn’t have remote connectivity in place, it was a slow and sometimes rocky start. Those that had begun to embrace digital transformation initiatives were able to transition more smoothly, as they had already started thinking about security in an expanding and open environment.

They either knew or learned the hard way that OT security plays a vital role in creating business resiliency and adapting to rapidly changing circumstances.

Therefore, a silver lining of the pandemic is that this increased focus on OT security has laid the groundwork for sustained efforts to strengthen cybersecurity over the coming years. Strong coalitions are essential to moving forward quickly.

Many board members have been hands-on at an operational level when it comes to adapting to the COVID-19 pandemic, and they have seen how preparedness and having the right technologies and processes in place are essential to enabling IT/OT convergence and building a more resilient business. This presents an opportunity for board-level support for the work the security teams are doing, and to garner cross-organizational support.