Chris Grove for MBT Mag:  The IT/OT convergence that is propelling the Fourth Industrial Revolution has opened up a can of worms in terms of risks to both IT and industrial control systems. Meanwhile, these risks are being compounded by the divide between these two worlds.

At the product level, industrial equipment providers are introducing a myriad of new advances to their automation technology. Especially with respect to networking, which is producing more intelligent controllers (PLCs, RTUs, etc.), devices and objects (e.g., industrial sensors) that can share vast amounts of data. The data generated by these networked devices is being used for machine-learning and operational analysis in order to make real-time adjustments to industrial control processes.

The benefits are undeniable, providing enhancements in safety as well as operational efficiency. Those benefits, however, come at a cost. Particularly in terms of cybersecurity. The new risks introduced by the interconnectedness of these advancements, create opportunities for threats to extend into areas that were previously unreachable or completely isolated.

Some organizations have a false sense of security and believe their industrial control systems can’t be easily compromised. After all, these are complex systems that require in depth engineering knowledge to operate. Others feel their systems are not high value targets. Even if an organization's infrastructure is not high profile or easy to compromise, it remains a target. Primarily because cyber criminals have become experts at monetizing all forms of hijacked computing resources.  Full Article: