Cyberattacks on ICS and SCADA systems can impact the safety, availability, and reliability of systems, operations, and value chains leading to catastrophic consequences. Organizations that are potentially impacted by these consequences are located in various industries, including but not limited to electric power, water, nuclear, manufacturing, infrastructure, transport (railways, ports, and airports), and oil & gas (upstream, midstream, downstream).
Organizations within these industries have a variety of concerns such as cyberattacks that could cause damage to reputation, shareholder confidence, environment, or cause system outage, loss of production, injury, or even loss of life. Organizations therefore must assess if they have the right mitigations in place to sustain ICS security. While IT and OT have been increasingly convergent over the years, a gap in understanding and solid practice between OT and IT security tends to remain. This critical skills gap contributes to security vulnerabilities, which are often overseen but must be identified and addressed appropriately.