Operational Technology (OT) is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events. In other words, the term is used to describe environments that contain Industrial Control Systems (ICS). These include transportation systems for the built environment, Programmable Logic Controllers (PLC), Distributed Control Systems (DCS), etc. To a layman, OT is a group of computing systems used to help manage, monitor, and control physical operations in the industrial world.
This technology is essential to the day-to-day running of the industrial world. On Tuesday, May 18, 2023, Microsoft released its latest Cyber Signals Report at a virtual press conference, where it exposed how a new cyber threat is putting organizations and technology teams at high risk. The Microsoft’s latest Cyber Signals report highlights how cybercriminals are using Operational Technology (OT) as gateways into an organization’s network. According to the report, the new threat comes at a time when emerging technologies like Internet of Things (IoT) connections in the African region are growing.
Growth in IoT and OT makes organizations vulnerable to attack.
The GSM Association (GSMA) predicts that about 1.1 billion IoT connections are expected by 2025 in Middle East and North Africa (MENA). The report revealed that this growth in the IoT and OT has given cybercriminals more opportunities to breach an organization’s network. Meanwhile, Microsoft’s Cyber Signals report is a regular cyber threat intelligence brief spotlighting security trends and insights gathered from Microsoft’s 65 trillion daily security signals and 8,500 security experts. The latest edition has found that converging Information Technology (IT), Internet of Things and OT systems, pose a wider risk to critical infrastructure.
For Chief Information Officers (CIO) in the Middle East and Africa (MEA), the impact of a possible security breach is a top priority in an increasingly complex threat environment. The report added that there was an 11.2 percent rise in cybersecurity spending in the Middle East and North Africa for 2022. It explained that the growing rate of digital transformation within the African region is enabling new attack vectors and opportunities for cybercriminals. For Nigerian CIOs, the repercussions of a potential security breach is tops their concerns as they look to navigate an increasingly complex threat and regulatory landscape.
There has been a proactive approach toward organizational threat.
According to an Enterprise Security Trends in Nigeria survey, which was conducted by the IDC and commissioned by Microsoft, Nigerian organizations realize the importance of developing a proactive approach to security. This has resulted in 72 percent of organizations in Nigeria having increased security budgets by at least 10 percent in the last couple of years. Also, the increase in digital transformation across the region would enabled organizations to manage their buildings, emergency systems and access control with smart devices connected to a network.
IoT devices in the workplace have also increased to better enable hybrid work such as smart conference rooms with microphones and cameras. As cybercriminals continue to expand their reach and devise complex threats, organizations need to re-strategize their cyber risk approach in order to be ahead of the curve. The experts working in these organizations need to employ novel ways of viewing these threats and come up with innovative ways of countering them. Sometimes, this could involve thinking like the cybercriminals themselves.
Devices are now more connected than ever before.
While analyzing the Microsoft report, Country Manager for Microsoft Nigeria and Ghana, Ola Williams, noted that organizations are now more connected than ever. Devices are now so interconnected that nothing can and should be overlooked, from the Wi-Fi router to the office printer. He said that IT teams need to view their IoT devices differently and secure them as they would any company laptop to prevent security breaches. “Gaining complete visibility of an organization’s OT systems and protecting its IoT solutions will go a long way in preventing cyberattacks,” he said.