Share these talks and lectures with your colleaguesInvite colleagues
Effectively integrating physical security technology into the operational technology domain
The operational technology (OT) domain has historically been an area of sensitivity primarily within the industrial (manufacturing, petrochemical, medical) and critical infrastructure (power, water, utility, data, telecommunication) markets. Recent compromises of OT have expanded the exposure to loss from this domain into more core corporate markets, including pharmaceutical, technology, logistics/supply chain, software, banking/finance, retail, warehouse/distribution and commercial office. This paper promotes a holistic countermeasure implementation programme must be put in place and be managed as a core competency within the overall cyber security posture of an organisation in order to effectively mitigate threats to this domain. It advises how physical security controls must be a priority within this posture to effectively control access to the on-site assets that manage OT. The control strategy put forward in this paper introduces two key attributes. The first is to apply physical security controls to protect OT, which may require an expansion of the locations at a site where these controls are deployed. The second is to treat physical security assets as OT so they fall under the same level of network segmentation, threat management, version control and access management as core OT assets.
The full article is available to institutions that have subscribed to the journal
Matthew Wharton serves as president for the Guidepost Solutions Security and Technology Consulting group and oversees its core services, including cybersecurity, system design and project management, global command and control centres, security assessments and managed services. He is a career security professional with more than 30 years’ experience leading security consulting and integration firms.