Adrian Johnson
TLDR:
Industrial technology operators in the Asia-Pacific region face challenges in cyber security due to lack of maturity. Dragos recommends implementing basic cyber hygiene practices and having an incident response plan in place. The top three threats facing industrial technology are commodity malware and ransomware, insider threats, and advanced criminal threat groups or state actors.
Industrial cyber security in APAC is lagging behind enterprises, with operators having medium security maturity levels, but still have gaps to fill according to Dragos. Communication between process engineering and cyber security teams, technical challenges due to operational technology equipment, and the sensitivity of operational technology processes and equipment are the top challenges facing operators.
Having a plan in place and testing assumptions are key to preparing for cyber incidents, according to Dragos. The firm also recommends following the five critical industrial cyber security controls: ICS incident response, defensible architecture, ICS network visibility monitoring, secure remote access, and risk-based vulnerability management to achieve cyber security hygiene.
