ITSEC Asia: The Importance Of Cyber Resilience In Operational Technology In Various Sectors

JAKARTA - The implementation of Information Technology (IT) and Operational Technology (OT) in industries in various sectors is a sign of the start of a new chapter of the Industrial Revolution 4.0.

If IT is usually a computer system used to manage, process and protect data, OT is a technology system responsible for monitoring performance and processes on industrial physical devices.

According to ITSEC Asia, a cybersecurity company, facing an industrial revolution 4.0, various cyber protection efforts against IT are certainly mostly carried out rather than OT.

In fact, most industries that depend on OT are companies engaged in critical infrastructure sectors such as transportation, food and agriculture, especially oil, mining, gas, and energy.

One example of a cyber attack case targeting the OT system was, in December 2015, three Ukrainian companies engaged in the energy sector experienced a Malware attack by the 'Sanworm Group' on their electrical substations.

This caused more than 200 thousand homes in western Ukraine to experience power outages for approximately 6 hours. And this case is the world's first case of power outages caused by cyberattacks.

Based on this case, ITSEC emphasized that when OTs from the vital infrastructure industry experience an attack, various bad scenarios will occur, ranging from foodstuffs that begin to rot, to the lives of hospital patients who are threatened because of the lack of electricity to carry out treatment.

"Therefore, good cybersecurity infrastructure is not only needed in IT systems, but also in the scope of OT," said ITSEC Asia President Director Joseph Lumban Gaol, quoted on Sunday, March 3.

GM Security Solution PT ITSEC Asia Tbk, Atik Pilatto also said that there are several things that need to be considered in implementing cybersecurity systems within the OT infrastructure of an industry.

Indeed, it is not an easy thing. However, there are several keys that need to be considered in realizing a resilient and robust cyber ecosystem, ranging from governance and compliance, planning, implementation, to awareness of cyber security in all levels of the company and industry," said Pikto.