Managing and securing operational technology (OT) is notoriously challenging, and it’s only becoming more difficult as OT systems and networks grow more complex and distributed. Operational technology is a frequent target of cyberattacks because a successful attack has a severe impact on business operations and because OT has relatively little security protection compared to IT networks.
Early attempts to apply IT-specific security controls to OT had mixed success. A particular tool may work well in one scenario but fail in another. Some solutions meant to simplify OT management, such as Nmap (Network Mapper), could even turn into weapons in the wrong hands. For example, the AvosLocker ransomware variant uses the Nmap Scripting Engine (NSE) to scan endpoints for the Log4Shell vulnerability and select targets to exploit.
This guide defines OT, explains how to overcome some of the biggest operational technology security challenges, and discusses the importance of recovery in building resilience in OT.
What is operational technology (OT)?
Operational technology (OT) includes any equipment interacting with the real world, as well as the systems that control such equipment. Some examples of OT equipment include HVAC systems, door controls, industrial machinery, fluid system sensors, and medical