More Focus On Critical Infrastructure
Critical infrastructure hasn’t received enough focus and diligence from cyberdefenders, and IoT and OT networks remain vulnerable due to a lack of energy and thought around how they should best be protected, according to RSA Security CEO Rohit Ghai.
Dated technology is still being used in critical infrastructure environments that’s difficult to update, not the source of robust security updates and is refreshed far less frequently than the technology in the IT stack, Ghai said. “It’s high time we stop being surprised by critical infrastructure attacks and put some emphasis there too,” Ghai told CRN.
Protocols are quite different in critical infrastructure networks, which Ghai said makes it quite difficult to discern anomalous or malicious traffic without significant investment and focus. Hackers can also disrupt critical infrastructure though physical access to those systems and from there get their foot in the door to disrupt the cyber side of IT operations, according to Ghai.