By: Yair Attar, CTO and co-founder, OTORIO
Today, manufacturing and industrial infrastructures are increasingly connected to IT networks. As such, an OT network that was once isolated from the open internet network, is now vulnerable to external cyber-attacks, compromising crucial business processes. As the frequency and derived impact of these attacks increase, there is a need to prioritize and mitigate risks in order of importance to the business. Recent research collaboration between Accenture Labs and OTORIO addressed this need by leveraging knowledge and experience in cyber digital twins and OT cybersecurity respectively.
The collaboration demonstrates tools to assess the business impact of cyber risks in an OT/ICS environment accounting for actual cyber-attack possibilities, and OT underlying risk elements.
Example of a business processes in a pulp and paper plant:
The key take-aways from the research are:
Modern OT attacks typically start with an external attack surface. The teams demonstrated possible risks to the OT network using a combined attack graph based on a digital twin concept.
Many vulnerabilities can cause cyber risks, yet not all will impact the secured business processes. Context matters. In OT, the context is the production processes. The teams demonstrated a process-aware attack graph, which enables to assess risk accordingly and evaluate potential impact on production and business continuity.
Process-aware graphs enable detection of the weakest links of attack paths towards critical resources and provide concrete mitigation strategies for minimizing cyber risk over organization’s business processes.
Why is this important?
Clear business context visibility over the entire OT and IT network is key to helping organizations achieve faster cyber risk reduction. As such, identifying potential attack paths, assessing their impact over business processes, and optimizing mitigation actions should be evaluated according to business impact, not only cyber impact.
Stay tuned for further innovative work in this area! In the meantime, for more information please contact [email protected] or visit:
Accenture labs: https://www.accenture.com/il-en/about/accenture-labs-index