Enterprise Times recently talked with Aleksander Gorkowienko, Managing Consultant for Spirent Communications and part of the security labs. We talked about the problems of Industrial IoT (IIoT) and Operational Technology (OT). Many of the older systems sit alongside new system but they are often not managed by IT. Instead they are looked after by engineers who can struggle to make the systems secure.
Gorkowienko pointed out that: “It means combining old interfaces, old protocols with new ones and many are in clear text because that is how they were designed 20 or 30 years ago and no-one thought about security at that time.” This has led to serious security problems as organisations try to identify those systems and work out how to secure them.
Hackers, whose tools continue to evolve, are constantly probing those systems to find weaknesses to exploit. The consequences of all of this are already being seen. Gorkowienko calls out attacks in Ukraine, against Critical National Infrastructure (CNI) and manufacturers production systems as examples of this.
Before any steps such as bringing in ethical hackers or trying to secure systems, IT and engineering teams need to talk. This is often not easy. Each is very defensive of its own environment. But that has to change. If not, organisations will find themselves in serious trouble.
To hear more of what Gorkowienko had to say listen to the podcast.
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there