UK government releases new cloud SCADA security guidelines for OT
The British National Cyber Security Centre (NCSC) has announced new guidance on securing cloud environments for supervisory control and data acquisition (SCADA) in operational technology (OT).
The UK’s Critical National Infrastructure (CNI) relies heavily on SCADA for data collection and monitoring, and the importance of these environments puts them at greater risk from cyber attacks.
Therefore, the NCSC seeks to increase the security and resilience of these environments to reduce the risk of a critical breach by cybercriminals or state-backed groups.
Tips and tricks for SCADA security
SCADA security in legacy systems was originally designed around the “air-gapped” model, where the SCADA infrastructure is separated from both the Internet and the organization’s network.
The NCSC says that if an organization wants to move from the ‘air-gapped’ model to a cloud environment, significant controls and constant monitoring are required over connectivity and access to the CNI. However, migrations to a cloud environment should be considered on a case-by-case basis, with specific guidance provided depending on the organization’s use case.
There is a range of solutions that the NCSC provides guidance on, from full cloud migration to using the cloud as a simple standby/recovery solution, each with its own pros, cons and risk levels.
One of the key benefits of using a cloud environment is the open design of the cloud, which allows organizations to maintain consistent observation of their environment over time, especially as new and advanced threats emerge and are studied and understood.
The NCSC also emphasizes the scalability of cloud environments, both in terms of capacity and application usage, with both available depending on the needs, size and criticality of the infrastructure being managed.
China has increasingly targeted the US CNI in a number of cyber attacks, and its sights could soon be more focused on Britain, the NCSC says, stating in its 2023 Annual Review that “it is highly likely that the cyber threat to the British CNI has increased in recent years,” alongside a statement in a joint advisory with the US Critical Infrastructure & Security Agency (CISA) on the risks posed by China.
Chris Doman, CTO and co-founder of Cado Security, said of the NCSC guidelines: “This report is driven by two trends: SCADA systems are increasingly not only connected to the internet, but also hosted in the cloud. easier access to the data, but can also increase the attack surface.
“There is broader concern and awareness about the security of critical national infrastructure and the potential for cyber attacks to cause physical damage, partly as a result of global events.”