"Attackers understand the extent of the damage they can cause to OT-dependent businesses, particularly in the manufacturing industry. Therefore, they will increasingly target these lucrative targets in the coming year - mainly through ransomware. However, this is not the only motivation. OT targets also provide attackers with publicity, as these attacks are usually high-profile.

Furthermore, with the increasing attention and rising costs and penalties associated with energy consumption and CO2 emissions, companies will turn to smarter management of their processes, which will increase the use of OT-based sensors and controls. More and more IoT and OT devices will be used in smart buildings, factory management and building management systems. These trends will expose companies to further risks as their attack surface increases.

OT vulnerability management will be less concerned with the patch level or firmware version of the device and more concerned with the contextual use of the device to take appropriate action. Organizations will look for temporary remediation solutions until they can patch the business-critical OT device in question.

Filtering out OT-relevant risks

Successful OT security requires looking at the entire company and filtering out those risks that are relevant to the OT environment. OT security is no longer just about OT security. Companies cannot secure their OT environment if they only try to protect OT data.

OT security will increasingly embrace IT security concepts - and vice versa - while mainstream IT product vendors will integrate OT security features. As a result, the relationship between OT and IT will become less antagonistic and more collaborative. OT OEMs such as Siemens, Honeywell or Rockwell Automation will recognize the need to build security hooks into their platforms to facilitate the retrieval of security information from their devices.

OT vulnerability management will be less concerned with the patch level or firmware version of the device and more concerned with the contextual use of the device to take appropriate action. Organizations will look for interim remediation solutions until they can patch the business-critical OT device in question.

Dealing with security proactively instead of reactively

Marty Edwards, Deputy CTO of OT/IoT at Tenable

© Tenable

The increased duty of care required by cyber insurance providers and the changes in the cyber insurance market will further increase the pressure on industrial companies. Companies are being called upon to be proactive with their security, rather than reactive and waiting for an incident to occur in the hope that insurance will cover it. Cyber insurers will limit their policies to exclude payments for ransomware. Companies will be forced to consider other options for dealing with this risk - be it self-insurance, a proactive approach, system redundancy or other.

CFOs and CISOs will carry out a cost-benefit analysis of investments in IT and OT security and find that investments in OT will be more worthwhile than in IT in 2024. For every dollar invested in OT, companies will receive more than if they invested a dollar in IT security. OT investments reduce risk much more than IT security measures.

With the increasing awareness of OT security, service providers have already started to enter this business, offering OT assessments and other professional services. This trend will intensify in 2024, when a growing part of the OT business will be provided by global system integrators (GSI) and other service providers, and the OT segment will not only be served as a standalone product or by small niche providers.

With the need to comply with more and more regulations - and here the focus is on NIS2, the trend towards cyber insurance, auditor activity and board oversight, there will be an increase in reporting and analysis of OT security status. This will not only be used as a tool to protect the OT environment, but also to report on status, trends and changes over time."