As reported in Industrial Cyber, “The interconnected nature of organizational systems has made it more complicated to identify and protect industrial crown jewels, especially as nation-state hackers and state-sponsored adversaries attempt to breach such environments. Apart from the physical machines and production systems, these crown jewels now include legacy equipment, digital twins, remote access gateways, and cloud platforms, with the flow of data between these technologies spread widely. These systems keep industries functioning, but they are often frail, patchy, or next to impossible to take offline, so defense is a constant game of balancing acts.”
“As the technology of the industrial landscape changes, so too do the critical assets or ‘key terrain’ that make up the core components of our industrial processes,” Mark Bristow, director of MITRE’s Cyber Infrastructure Protection Innovation Center (CIPIC), told Industrial Cyber. “Technological advances like cloud computing have already moved lots of industrial control decision elements off the factory floor and into faraway datacenters, making those datacenters and the communications pathways between them suddenly critical to industrial decision making.”
Bristow added that legacy mechanisms for conducting criticality and safety analysis need to be modernized to take this into account.