-
AUKUS through a Test and Evaluation Lens
18 Jul 2024
-
Assured Position, Navigation and Timing - "Are we there yet?"
18 Jul 2024
-
Webinar - Low-Carbon Warfare: Fact or Fantasy?
07 Jun 2024
-
March 2024: Futures Lab - Cutting edge technologies and research influencing Defence
11 Apr 2024
-
Celebrating International Women’s Day 2024
08 Mar 2024
The modern challenges of protecting Critical National Infrastructure
15/08/2023
Greig Walker, Principal Cyber Security Architect
The convergence of Information Technology (IT) and Operational Technology (OT) has become more prevalent, resulting in new challenges and considerations, especially given some of the security control constraints exist within OT environments. The emergence of the Internet of Things (IOT) including industrial IOT has meant that the attack surface and threat have increased significantly. This is further complicated by the adoption of cloud technologies as part of everyday business. Whilst the use of cloud offers new ways of working, helping business to achieve more and scale faster, this is not without risk.
As more environments and systems are connected (directly or indirectly) to uncontrolled environments like the internet, how do you protect Critical National Infrastructure (CNI) and those systems that have security challenges? Here, the potentially catastrophic consequences of malicious interference or a significant service failure are profound. With aging infrastructure and disconnected systems being integrated with internet based technology, this produces a unique set of challenges.
When protecting CNI it is essential to know what you’ve got and what you are dealing with. By understand the risks, threats and operational imperatives, this ensure visibility of the right parts of your OT and IT environments and helps to identify the critical assets that are essential for maintaining service continuity. Such awareness will help to establish the level of risk tolerance and to determine the most appropriate level of protection, detection and mitigation.
At QinetiQ, with our breadth and depth of expertise, we understand the challenges that CNI organisations face, recognising in particular the need to consider and respond to not only the cyber security challenge, but also having to ensure that systems remain operationally safe and effective. Our approach considers the business context, intended implementation, connections and the most likely compromise paths, from which we tailor solutions that are appropriate and proportionate to meet your needs. This approach supports governance, risk and compliance activities and ensures alignment with regulating bodies, helping you to secure your past and protect your future.
Protecting Critical Systems guide
Our new guide, "The Blueprint for protecting critical systems" outlines the five top tips to guarantee the most appropriate Operational Technology security strategy for providers of essential services.