Read the book The Official (ISC)2 SSCP CBK Reference - Mike Wills - Page 53

Safety

SUNBURST and other attacks in 2020 and 2021 highlighted how little attention many organizations were paying to the physical control and interaction side of their information systems. Enterprises that did not directly use IT to control manufacturing systems, or command and control vehicles and heavy machinery, believed themselves safe from physical harm, and yet would blithely invest in smart buildings and IoT devices for use in their office environments. They believed that these operational technologies—OT systems that directly cause physical motion or action, or monitor and supervise systems that do—were sufficiently separated from their IT systems, such as their corporate data centers, that there was little danger of a vulnerability on one side of that IT-OT interface causing harm to systems, data, and people on the other side. That has been shown to be a false hope.

Operational technologies (OT) include industrial control systems (ICS) and the supervisory control and data acquisition (SCADA) systems that direct their activities. OT also includes Internet of Things (IoT) devices, autonomous mobile machines (from custodial devices to chaotic warehouse forklifts), and robots. Most smart city systems, particularly their mass transit, water and sewer, traffic control, and communications management systems, are part of the OT world, as are smart building environmental, power, and security management systems at work and in the home. This list of OT use cases grows every day, and in each case, there are data sharing and collaborative control and supervisory linkages with IT systems at many levels. And in most cases, device control involves switching and detecting AC and DC power and signals as part of controlling physical actuators and sensors.

As older OT systems are phased out, newer systems tend to make greater use of the Common Industrial Protocol (CIP). This is a feature-rich set of functions used within OT architectures to provide management, real-time control, data acquisition, and safety intervention across an architecture. CIP can operate over IP networks, which allows OT regional control workstations to easily interact with organizational IT systems. OT and IT systems share common problems, such as the challenges of establishing and maintaining a secure supply chain for software, firmware, and hardware updates. Access control problems are quite common; the information security hygiene measures you need to apply to almost every IT systems environment must also be applied to your organization's OT systems, although with different techniques and tools. Integrated visibility—having a SIEM-like insight into the combined IT/OT architecture of your organization—can be achieved, but it's not as straightforward as some vendors may make it seem.

Safety, like security, is an end-to-end responsibility. It's no wonder that some cultures and languages combine both in a single word. For example, in Spanish seguridad unifies both safety and security as one integrated concept, need, and mind-set.
