Why securing the OT environment against cyberattacks is vital

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Shunichi Miyanaga, Chairman of the Board, Mitsubishi Heavy Industries


  • Despite existing frameworks to secure operational technology (OT) environments, cybersecurity controls often ease or are overlooked during key lifecycle phases.
  • Risks can open up during Factory Acceptance Testing, Site Acceptance Testing, shutdown maintenance and brownfield services.
  • Here, we consider how these risks can be mitigated.

Despite existing frameworks to secure operational technology (OT) environments, cybersecurity controls often ease or are overlooked during key lifecycle phases, such as Factory Acceptance Testing (FAT), Site Acceptance Testing (SAT), shutdown maintenance, and brownfield services, increasing vulnerability to cyber threats. CISA’s 2022 report highlights a 30% increase in OT system cyberattacks, with over 800 incidents. ENISA’s findings corroborate this, showing that 63% of critical infrastructures faced cyber incidents, 55% targeting OT systems.

The early months of 2023 saw notable cyberattacks: a ransomware strike on a U.S. water plant in January; a European power grid disruption in February; and an Asian transportation company’s operational halt in March. These incidents emphasize the importance of stringent cybersecurity throughout the OT system lifecycle, especially in critical stages.

Risks during the FAT milestone and proposed controls

During FAT, a pivotal stage in the OT system lifecycle, the system is tested in a controlled environment to confirm adherence to design requirements. At this stage, however, cybersecurity controls often become less stringent, with emphasis primarily on design specifications over security, unless security is explicitly included in the scope. It’s crucial to integrate essential high-level cybersecurity controls at this stage to prevent transferring risks or threats to the site post-FAT. This proactive approach is key to maintaining robust security throughout the system’s lifecycle. These controls include, but are not limited to:

• Security of the staging area

Staging areas, designated for pre-deployment system testing, require secure measures to prevent unauthorized access, thereby avoiding the introduction of malware or other threats into production environments.

• People

People are always the weakest point in any security system. It is important to educate employees about best cybersecurity practices. This includes training on how to identify phishing activities, handling sensitive project information, complying with cybersecurity requirements and identifying and reporting a cybersecurity incident.

• Asset lists

An asset list is a comprehensive list of all hardware and software assets used in a specific project. This list is the main pillar for detecting and understanding whether any changes have occurred.

The asset list contains information about firmware versions, OS, IP addresses, MAC addresses, vulnerabilities, what was patched and what wasn’t, the latest updates to end-point security, etc. The list must be maintained and updated regularly to ensure that all assets are properly secured, as well as to enable effective vulnerability and patch management.

• Access controls

Access controls are essential to prevent unauthorized access to sensitive information and systems. This includes implementing strong password policies, multi-factor authentication and other mechanisms to ensure that only authorized personnel can access sensitive areas or functions.

• Secure configuration

Secure configuration involves implementing security best practices when configuring hardware and software systems. This includes disabling unnecessary services and ports, using strong encryption and implementing other security measures to reduce the attack surface of a system.

• Vulnerability and patch management

Vulnerability and patch management involves regularly scanning systems for vulnerabilities and deploying patches to fix known issues. This is critical to prevent attackers from exploiting known vulnerabilities to gain access to sensitive information or disrupt operations.

• Incident management

Incident management involves having a plan in place to respond to cybersecurity incidents when they occur. This includes identifying the scope of the incident, containing it and recovering from it, as well as conducting a post-incident analysis to identify areas for improvement.

All these controls must be implemented and documented during the FAT milestone to ensure that potential risks are not transferred to the site.

Risks during the SAT milestone

Similarly, the SAT/shutdown maintenance window and brownfield services milestones also pose a cybersecurity risk to the OT system. During these milestones, the system is tested in its actual environment and any issues are addressed. They may, however, require taking the system offline, and cybersecurity controls may be relaxed to facilitate maintenance activities. Moreover, third-party contractors may not be familiar with the system’s cybersecurity controls, leading to potential cybersecurity problems when maintenance work is completed and when the system/plant is brought online again to resume production. This can result in dozens of untraceable changes to the cybersecurity controls, which are either disabled or bypassed.

Proposed high-level controls

Apart from the high-level controls mentioned during the FAT milestone, additional controls need to be implemented during the SAT/shutdown maintenance window and brownfield services due to the dynamic SAT environment. These controls include:

• Environment integration

During SAT, the system is evaluated for its integration with the surrounding operational systems. This can identify vulnerabilities that might arise due to interactions with other systems or software.

• Network integration and firewalls

As the system is now in its intended network environment, SAT can assess how it interacts with firewalls, intrusion detection systems and other network security measures. It can uncover vulnerabilities, such as ports that shouldn’t be open or the potential for unauthorized network access.

• Authentication and authorization

While these might be tested during FAT, during SAT they’re tested in the context of the operational environment, for instance, how the system integrates with the enterprise’s identity and access management solutions.

• Red/blue team testing

Sometimes, organizations might choose to perform more aggressive penetration testing (red team exercises) during SAT to see how the system holds up against simulated cyberattacks in its actual environment.

• Incident response integration

During SAT, you might also test how incidents on the system integrate with the broader organizational incident response plan and tools.

How to mitigate these risks

To mitigate these risks, end-users, contractors, vendors and suppliers must establish and adopt a robust change management process that includes proper documentation, approval mechanisms, testing and validation procedures. This process should ensure that all changes, including those made during the critical and gap periods, are properly tracked, assessed for security implications and validated before the system’s commissioning. A more advanced and strict approach is to assign a dedicated cybersecurity officer to follow up and document all the changes made at different milestones.
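The asset list described under the FAT controls and the change management process above can be combined into one check. The following is an added example, not part of the original article: it compares a FAT baseline with a post-maintenance inventory and reports every difference that no approved change record covers. All field names, asset IDs, addresses and records are constructed for illustration.

```python
# Attributes the article lists for an asset record; key names are hypothetical.
FIELDS = ("firmware", "os", "ip", "mac", "open_ports", "endpoint_protection")


def asset(firmware, os_name, ip, mac, open_ports, endpoint_protection):
    """Build one asset-list record; ports are normalised to a sorted tuple."""
    values = (firmware, os_name, ip, mac, tuple(sorted(open_ports)), endpoint_protection)
    return dict(zip(FIELDS, values))


# Constructed sample data: the asset list signed off at FAT.
BASELINE = {
    "plc-01": asset("2.4.1", "vendor-rtos", "192.0.2.11", "02:00:00:00:00:11", [102], "n/a"),
    "hmi-01": asset("1.8.0", "Windows 10", "192.0.2.21", "02:00:00:00:00:21", [443], "enabled"),
    "hist-01": asset("n/a", "Windows Server", "192.0.2.31", "02:00:00:00:00:31", [443], "enabled"),
}

# Constructed sample data: the same system re-inventoried after a shutdown window.
SNAPSHOT = {
    "plc-01": asset("2.5.0", "vendor-rtos", "192.0.2.11", "02:00:00:00:00:11", [102], "n/a"),
    "hmi-01": asset("1.8.0", "Windows 10", "192.0.2.21", "02:00:00:00:00:21", [443, 3389], "disabled"),
    "hist-01": asset("n/a", "Windows Server", "192.0.2.31", "02:00:00:00:00:31", [443], "enabled"),
    "laptop-07": asset("n/a", "Windows 11", "192.0.2.99", "02:00:00:00:00:99", [445], "unknown"),
}

# Constructed change records: (asset id, field) pairs that passed approval.
APPROVED = {("plc-01", "firmware")}


def diff_assets(baseline, snapshot):
    """Return (asset_id, field, old, new) for every difference from the baseline."""
    changes = []
    for asset_id in sorted(set(baseline) | set(snapshot)):
        old, new = baseline.get(asset_id), snapshot.get(asset_id)
        if old is None:
            changes.append((asset_id, "asset", None, "added"))
        elif new is None:
            changes.append((asset_id, "asset", "present", None))
        else:
            for field in FIELDS:
                if old[field] != new[field]:
                    changes.append((asset_id, field, old[field], new[field]))
    return changes


def untracked_changes(baseline, snapshot, approved):
    """Keep only the differences that no approved change record covers."""
    return [c for c in diff_assets(baseline, snapshot) if (c[0], c[1]) not in approved]


if __name__ == "__main__":
    for asset_id, field, old, new in untracked_changes(BASELINE, SNAPSHOT, APPROVED):
        print(f"UNTRACKED {asset_id}.{field}: {old!r} -> {new!r}")
```

On the sample data the approved firmware upgrade is filtered out, while the newly opened port and disabled end-point protection on the HMI and the unlisted laptop are reported for follow-up before commissioning.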

