Industrial operations are increasingly becoming the target of cybersecurity attacks. There are new devices adding network connectivity as they migrate from traditional fieldbuses and standalone operation. Additional connections are being created between the IT and OT space and machine builders increasingly offer analytics if their machine can be connected to the cloud. International standards for cybersecurity, known as IEC 62443, are being updated and expanded, including requirements for end users, system integrators, and device manufacturers. These standards require defense in depth strategies to reduce the risk of attacks that cause harm considering the additional connectivity.
As you advance the cybersecurity of your operations, you need more capability at deeper levels of the defense in depth strategy. Have you performed cybersecurity assessments, minimized your attack surface with cybersecurity essentials and implemented best network segmentation practices? If you're ahead of all these, you're on the right track!
Even once you have strong security policies and protections, adding security at each layer improves your resilience against attacks. For example, how will you protect your process if a malicious actor has access behind your firewall? You may be susceptible to various attacks that need additional measures to mitigate.