Virtualization Technology News and Information
Industrial Defender 2022 Predictions: OT cyberattacks drive increased adoption of SOAR, cyber hygiene and compliance

vmblog predictions 2022 

Industry executives and experts share their predictions for 2022.  Read them in this 14th annual series exclusive.

OT cyberattacks drive increased adoption of SOAR, cyber hygiene and compliance

By Peter Lund, Vice President of Product Management at OT security company Industrial Defender

Operational Technology (OT) proved its importance early in 2021 when thousands felt the seriousness of the Colonial Pipeline ransomware attack that left citizens uncertain of their ability to go about their daily lives.  The nation was extremely fortunate that the attacked primarily stayed withing the confines of IT. While gas, water, and electricity seem like guarantees, an operational technology (OT) attack is a blatant reminder that bad actors can put these necessities to a halt all too easily. With these disasters on our hands, we will see more of a focus on OT cybersecurity efforts as we enter 2022 - and these are the steps that will get us there.    

We will see greater adoption of SOAR in OT

Security Orchestration, Automation and Response (SOAR) is standard practice in IT. In 2022, we'll see more OT cybersecurity experts rely on these guidelines to ensure OT security as well.

OT passive monitoring solutions will need to expand active data collection capabilities to keep up with OT asset management use cases

Many enterprises rely on outdated monitoring solutions that don't account for real-time data collection. To better manage OT assets, it will be crucial to expand data collection capabilities.

Traditional MSSPs will double down on OT service offerings

Managed security service providers must offer OT services in 2022 to stay competitive. This is seen with Deloitte's recent acquisition of OT security provider aeSolutions.

Renewables will face new compliance standards

Renewable energy providers have been able to avoid the same compliance standards set for long-time utilities providers. Now, however, with an increased reliance on alternative energy sources, we'll see an increased need to prioritize OT security.

The U.S. government will double down on the NIST Cybersecurity Framework for standard cybersecurity controls

The NIST Cybersecurity Framework is essential for enterprises looking to check its cybersecurity boxes. In 2022, we can expect NIST to continue to provide additional updates and recommendation as it aims to standardize cybersecurity controls.

Organizations will rely less on threat intelligence and more on preventative controls

Threat intelligence is a key part of cybersecurity. However, enterprises are realizing that there is limited value in knowing what their advisories are doing when they still don't know if the doors and windows (firewalls and remote access) of their organization are locked.  I would go as far as saying is many organizations still don't know how many doors and windows they have.  Taking a step back, 2022 will welcome a renewed focus on basic hygiene.

SBOMs will remain trendy, but adoption will lag because of OEMs

The ongoing log4j vulnerability saga makes it clear (yet again) that we need SBOMs.  Unfortunately, until we get buy in from the major OEMs that supply the hardware and software that keep the lights on customers and security vendors we be behind the 8 ball when it comes to data accuracy and integrity. Hopefully log4j will be a catalyst to get the industry to agree on a standard for publishing and sharing SBOM data. 

In 2022, OT cybersecurity efforts must be refined to reduce the number and severity of cyber attacks. By adhering to compliance and hygiene priorities and taking into consideration the above predictions, enterprises and their cybersecurity teams can protect themselves from bad actors seeking to disrupt everyday life.



Peter Lund, VP of Product Management at Industrial Defender

Peter Lund

Peter has a strong technical and business background with over 15 years of experience working with and for IT and OT product companies.  Over the last five years, Peter was instrumental in bringing new features to the market for Industrial Defender.  In addition to his product management role, he utilizes a wide range of experience in application development, systems engineering and marketing. Prior to working with Industrial Defender, Peter held roles at Dell EMC, Schneider Electric and KVH Industries.

Published Thursday, January 13, 2022 7:34 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2022>