The Cyber Future of Critical Infrastructure In 2023

Introduction

Our Critical Infrastructure is at grave risk today. But instead of looking at the situation right now, let’s see what the future could hold in 2023.

What The Future Holds

Cyberattacks on Critical Infrastructure are occurring at a more rapid rate now, and this has garnered the attention of the industry. However, it has not yet created a full sense of urgency that something needs to be done to fortify these structures further. What is anticipated for the future? Here is a glimpse:

1)    Segmentation could occur:

In the digital world, this is one of the big buzzwords being floated around right now. At present, most businesses typically have just one line of defense that separates threats in the external environment from the internal environment. This is very often referred to as “Perimeter Security.” But the fundamental flaw (and a very serious one) is that once the Cyberattacker is able to break through this, they can pretty much move laterally and get access to anything they want. Thus, with the implementation of MFA and the Zero Trust Framework, there have been calls to further divide the IT and Network Infrastructure that exists in the internal environment into smaller chunks, and this is known as “Segmentation.” Each segment would have its own set of defenses, and the statistical probability of a Cyberattacker breaking through all of these segments becomes lower with each one; as a result, they give up in frustration. It is hoped that this same line of thinking can be applied to Critical Infrastructure as well. However, the main problem is that they all consist of legacy computer systems, which may or may not support the Segmentation efforts. Even if they do, there is no guarantee that it will be sustainable for the long term.
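The difference between a single perimeter and a segmented internal network can be checked mechanically by computing what one compromised host can reach. The following is an added example, not part of the original post; the host names, zone names and allow-list rules are constructed assumptions.

```python
from collections import deque

# Constructed sample inventory (host -> zone); all names are illustrative.
HOSTS = {
    "hr-laptop": "corporate", "mail-server": "corporate",
    "file-server": "corporate", "historian": "dmz",
    "eng-workstation": "ot-supervisory", "scada-server": "ot-supervisory",
    "plc-pump-1": "ot-control", "plc-valve-2": "ot-control",
}

# Constructed zone allow-list as (source zone, destination zone) pairs.
# Traffic inside a zone is allowed; any pair not listed is denied.
SEGMENTED_POLICY = {
    ("corporate", "dmz"),
    ("ot-supervisory", "dmz"),
    ("ot-supervisory", "ot-control"),
}
# The same policy with one over-permissive rule added by mistake.
LEAKY_POLICY = SEGMENTED_POLICY | {("dmz", "ot-supervisory")}

def allowed(src, dst, policy):
    """policy=None models a flat network behind a single perimeter."""
    if policy is None:
        return True
    src_zone, dst_zone = HOSTS[src], HOSTS[dst]
    return src_zone == dst_zone or (src_zone, dst_zone) in policy

def blast_radius(start, policy):
    """Breadth-first search over permitted flows from one compromised host."""
    seen, queue = {start}, deque([start])
    while queue:
        current = queue.popleft()
        for candidate in HOSTS:
            if candidate not in seen and allowed(current, candidate, policy):
                seen.add(candidate)
                queue.append(candidate)
    return seen - {start}

def exposed_zones(start, policy):
    """Zones containing at least one host reachable from the start host."""
    return sorted({HOSTS[h] for h in blast_radius(start, policy)})

if __name__ == "__main__":
    for label, policy in [("flat", None), ("segmented", SEGMENTED_POLICY),
                          ("leaky", LEAKY_POLICY)]:
        print(label, exposed_zones("hr-laptop", policy))
```

The leaky case shows why the audit has to follow flows transitively: no rule connects the corporate zone to the control zone directly, yet one extra rule out of the DMZ restores the full path.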

2)    The Internet of Things:

Right now, this phenomenon has been further catapulted by the rise of the Remote Workforce, where pretty much everything has gone digital. This is the notion that all of the objects we interact with in both the virtual and physical worlds are interconnected with one another. There is great interest, and efforts are even currently being undertaken, to bring the world of the IoT into Critical Infrastructure. This becomes known as the “Industrial Internet of Things,” or “IIoT” for short. But it is expected that this trend will quickly dissipate in the future as more Cybersecurity attacks are launched against Critical Infrastructure. The reason for this is simple: with an IIoT in place, the attack surface becomes much larger, and the number of backdoors that the Cyberattacker can penetrate is greatly multiplied.

3)    The financial damage will escalate:

As more threat vectors are launched, they will obviously become more sophisticated and covert in nature. Given this, the financial toll on the Critical Infrastructure that is impacted is expected to reach well over the multimillion-dollar mark. Also, it is anticipated that the downtime period to recover from future attacks will be a lot longer than it is at present, thus adding more to the financial toll. With the convergence currently taking place between the IT and the Operational Technology (OT) realms, the Cyberattacker will quickly gain access to either the ICS or SCADA systems via any vulnerability gaps that persist in the network of the Critical Infrastructure.

4)    A closer collaboration with Cybersecurity:

It is also expected that Critical Infrastructure leaders will start to work closely with the Cybersecurity Industry. Not only will there be attempts to add on security tools/technologies that can interoperate with the legacy ones, but there will be an even greater effort to share threat intelligence information/data on a real-time basis so the IT Security teams of Critical Infrastructure can be much better prepared to handle any threat vectors that are looming on the horizon. This new movement has appropriately been termed the era of “Shared Responsibility.”

5)    A greater need for Cybersecurity Insurance:

Essentially, by purchasing this kind of policy, a company, in theory, can be protected from financial losses if a Cyberattack impacts them. But the reality is different, in the sense that there is still a lot of confusion as to what will technically be covered. So while a company may think they have full coverage, the chances are still there that they will not get a 100% payout. But despite this, the Critical Infrastructure is starting to understand the need for some sort of financial protection in case they are breached. Thus, there will be a great increase in demand for Cybersecurity Insurance Policies in the coming years in order to recoup any financial damages incurred by attacks on legacy systems.

6)    Migration to the Cloud:

At present, there are a lot of efforts to move On-Premises solutions to a Cloud-based platform, such as AWS or Microsoft Azure. While there could be some success with this as it relates to Critical Infrastructure, there is also the realization that a pure 100% migration will probably not happen. The primary reason for this is that, once again, most of the technologies for Critical Infrastructure were developed back in the ’70s and the ’80s. Thus, trying to put all of this into something as advanced as the Cloud probably will not be possible.

Conclusions

It is important to keep in mind that Cyberattacks do not just happen to digital assets. That is the current mindset in Corporate America, and it drastically needs to change. There are physical assets as well, namely those of the Critical Infrastructure.

As we have seen with the last attack (in which the perpetrator actually tried to poison the water supply), this area of industry is at grave risk. An equal amount of attention, if not greater, needs to be spent in this area as well in order to come up with ways to further mitigate its risk of being impacted by a security breach.

The downtime suffered here will be a lot longer and even more devastating than what has been witnessed with security breaches that have transpired in the digital world.