Cloud connectivity offers a wealth of benefits for energy providers and other critical infrastructure operators. Sending data from operational technology devices to the cloud allows asset owners to use remote diagnostic and analysis tools, improve supply chain management, and take advantage of enhanced services from machine vendors and other providers.
New connections, however, can introduce new risks. Inadequately secured connections create opportunities for unauthorized parties to access critical systems, and some security “solutions” have the potential to be hijacked and used to launch attacks by sophisticated threat actors.
The complex dynamics of evolving threats and evolving cloud capabilities have led to a variety of security postures in the energy industry and the critical infrastructure sector in general. Most of today’s scenarios fall into one of four categories, several of which might exist simultaneously within a single organization…