Businesses need to ensure that their IT spends are complemented with similar efforts in operational technology and consumer technology systems to combat myriad cyber attacks, says a study.
"Currently, such initiatives are not taking place in the country, leading to a rise in cyber attacks," says a report by PwC and industry lobby Assocham.
Operational technology and consumer technology systems have long been used in industrial and end-user products to monitor and control physical processes. Traditionally, these technologies have been air-gapped or segregated from the IT network. However, these systems are becoming increasingly interconnected and integrated with other IT system, the report notes.
"Economic challenges, resource constraints, business requirements and technology standardisation have made it impractical to continue completely segregating operational technology and consumer technology networks from IT networks," the report notes.
Though increased use of these systems in critical infrastructure has improved the overall efficiencies, these elements have also become the target of choice for cyber criminals since they recognise the impact of disrupting the routine way of life.
"By identifying cyber security flaws and issues, decision-makers will be better placed to implement appropriate security controls, design additional secure architecture, monitor targeted attacks and maintain effective cyber resilience for their security networks," says the study.
Maintaining a secure and resilient operational technology and consumer technology system environment requires a comprehensive strategy that covers security governance and process, implementation of the right technology and employing people with the right skills.
The study also stressed the need for setting up sector-specific nodal bodies for designing planning, advisories and guidelines to manage and govern overall cyber security aspect for the sector and enhance public-private partnerships.