I once had my wallet stolen in a mall during my freshman year. Unpleasant, but not fatal. It would have been a different matter if it had happened in a dark alley — if I’d just come out of a store and a gang had come at me with the words “your money or your life”, the stakes would have been very different. In my case it was a question of money; in the other case my life would be at stake.
These stories remind me of what is happening in the digital world today. As we know, there used to be two independent and loosely overlapping worlds: the world of operational technology (OT), where hardware, industrial automation and critical infrastructure «reside», and the world of information technology (IT), home to all sorts of “office” systems.
It used to be that in the IT world, it was primarily information security that was at stake. By hacking into an IT system, attackers could steal data, but they could not normally harm anyone physically. It was about stealing a wallet, not physical violence down a dark alley.
As digital transformation takes hold, these two worlds, OT and IT, are merging. And, for example, to digitize production, previously autonomous systems — including elements of critical infrastructure — must be connected to the network.
As a result, hacking into an enterprise’s information system now involves not only a breach of information security, but also of functional security (safety) — and poses a threat to the health and lives of people. Can you imagine what would happen if cybercriminals were able to take control of the equipment that workers interact with directly in the workplace? In June 2022, for example, cybercriminals targeted equipment at an Iranian steel plant and started a fire. This is not an isolated case.
Cybersecurity is becoming an even more important issue today. Cybersecurity risks used to be like a trip to a busy market: we hide our wallets, watch our pockets, and maybe use some other ways to keep our money safe. Now, cyber-risks are more like walking through dark alleys in a crime-ridden neighborhood at night. It’s not just about keeping an eye on your wallet – you need to use other methods.
I once had my wallet stolen in a mall during my freshman year. Unpleasant, but not fatal. It would have been a different matter if it had happened in a dark alley — if I’d just come out of a store and a gang had come at me with the words “your money or your life”, the stakes would have been very different. In my case it was a question of money; in the other case my life would be at stake.
These stories remind me of what is happening in the digital world today. As we know, there used to be two independent and loosely overlapping worlds: the world of operational technology (OT), where hardware, industrial automation and critical infrastructure «reside», and the world of information technology (IT), home to all sorts of “office” systems.
It used to be that in the IT world, it was primarily information security that was at stake. By hacking into an IT system, attackers could steal data, but they could not normally harm anyone physically. It was about stealing a wallet, not physical violence down a dark alley.
As digital transformation takes hold, these two worlds, OT and IT, are merging. And, for example, to digitize production, previously autonomous systems — including elements of critical infrastructure — must be connected to the network.
As a result, hacking into an enterprise’s information system now involves not only a breach of information security, but also of functional security (safety) — and poses a threat to the health and lives of people. Can you imagine what would happen if cybercriminals were able to take control of the equipment that workers interact with directly in the workplace? In June 2022, for example, cybercriminals targeted equipment at an Iranian steel plant and started a fire. This is not an isolated case.
Cybersecurity is becoming an even more important issue today. Cybersecurity risks used to be like a trip to a busy market: we hide our wallets, watch our pockets, and maybe use some other ways to keep our money safe. Now, cyber-risks are more like walking through dark alleys in a crime-ridden neighborhood at night. It’s not just about keeping an eye on your wallet – you need to use other methods.