Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Think beyond IT security — cyber resilience to build future-ready world : OT and ICS, critical infrastructure and beyond
Cyber Security: A Peer-Reviewed Journal,
6
(2),
119-131
(2022)
Abstract
In the current scenario, cyber security professionals, along with industry leaders, are working hard to protect digital assets from current and emerging threats. Besides this, little thought has been given to securing the physical world consisting of vulnerable connected systems. Insecure operational technology (OT) and industrial control systems (ICS) have been installed within critical infrastructure and the manufacturing industry, making it vulnerable to cyberattack. Aside from that, satellites play a key role in communication, mobile phone networks, global positioning systems (GPS), weather prediction, ships, defence forces and much more, which are insecure and vulnerable to hacking. This paper provides insight into current issues, disintegrated workforces and its challenges, critical infrastructure security and how to think beyond information technology (IT) security to secure the digital and physical world. While providing an insight into the US Army in multi-domain operations 2028, it explains how taking a similar approach within the cyber security industry will help improve cyber maturity to defend against adversaries.
Keywords: OT/ICS security; IIoT; OT and IT convergence; critical infrastructure; cyber resilience; zero trust
The full article is available to subscribers to the journal.
Author's Biography
Sanam Makadia is a Cyber Security Architect at Interactive Pty. Ltd., Australia, and a member of the CREST Australasia Council’s Advisory Board. With more than 15 years’ experience in design, consulting, architecture, risk and governance supporting large-scale telecom and enterprise networks, Sanam has a strong interest in topics such as cyber strategy, GRC, zero trust, operational technology/industrial control systems (OT/ICS), cloud computing and artificial intelligence (AI). He believes that cyber security is not about tools and technology but understanding business risk, cyber strategy and how to effectively use people and process to mature organisations by providing a clear roadmap to enhance cyber security.
