Mahesh Singh
Dr. Kishore K. Morya
Abstract
Connecting everything to the Internet is the discussion across the globe today. Near future will be of the fourth industrial revolution, where cyberphysical systems, the Internet of Things (IoT) and Internet of Services (IoS), are more significant to OEMs, system integrator and asset owners. Thus, it is only a matter of time when maximum ICS information is routed to sophisticated applications across enterprises through a wide area network where security is insignificant leading to ineffective protection. Convergence of Operation Technology (OT) with external networks and the Internet is opening several connections and is being managed over handheld mobile devices held by system administrators. Therefore, it has become vital to get the OT systems within the purview of cyber security to make them secure. As the Energy and Natural Resources (ENR) Sector too are now deploying advanced automation for considerable bottom line developments during convergence of Information Technology (IT) and Operational Technology (OT), which has made these organisations susceptible to frequent cyber-attacks, it brings more focus towards OT as well. Now, it is inevitable for organisations to come together and to take cognizance of the current dynamic cyber environment and take proactive actions accordingly. The ENR Sector being the most important sectors in the economy of any nation, the impact of cyber-attacks in this sector is widespread for any organisation and may even have worldwide political and commercial effects in certain cases. This paper highlights the cyber risks faced by Industrial Control Systems, awareness of Cyber Security of Operational Technology (OT) in ENR Sector in India and gain insights into their peers, as well as boost their preparedness to reduce the risk of cyber-attacks.Keywords- Energy and Natural Resources (ENR), Information Technology (IT), Operational Technology (OT), Industrial Control systems (ICS), Supervisory Control and Data Acquisition systems (SCADA), Cyber-attacks, Critical Information Infrastructure (CII).