Why Industrial Companies are a Target
Industrial companies are often plagued by legacy unpatched infrastructure and a lack of skilled resources to manage cyber risk properly. Attackers know these environments have many vulnerabilities and they know an attack can mean major consequences for the infected.
The next question is, why are companies struggling to address this?
Most industrial automation environments are poorly inventoried. If you do not know what is connected in the environment, you cannot secure it. IT and OT teams MUST start work together to close those gaps with industry experts.
Does your organisation have competing security priorities between teams, gaps in security strategies or undefined roles in security? Are your employees working remotely because of COVID-19, increasing risks to your infrastructure from unknown devices and insecure connections?