Decoding the NCSC’s New Guidance for Cloud-Hosted SCADA
May 28, 2024 – Published on ISMS.online
Operational Technology (OT) systems automatically monitor and control processes and equipment running everything from power plants to smart hospitals. Failure or malfunction in OT presents physical dangers absent from IT systems. Safety, reliability and availability are prioritized in the former.
That’s why new National Cyber Security Centre (NCSC) guidance has been broadly welcomed. It’s designed to help OT organizations determine the suitability of various cloud platforms for hosting their supervisory control and data acquisition (SCADA) systems.
Moving SCADA-based applications into the cloud promises to make the infrastructure easier to manage, while reducing the overhead for internal IT teams. But this has to be considered alongside security and operational management risks. These include heightened risk from data breaches, unauthorised access, exploitation of vulnerabilities and denial-of-service attacks, according to GuidePoint Security’s head of OT security, Pat Gillespie.
“Cloud solutions will add latency when accessing the applications, databases, and services,” he tells ISMS.online. This is a major issue because SCADA controls and industrial applications rely on real-time data.
Read More HERE.