Oldsmar, a small city in the state of Florida, has a population of about 15,000. It was February 5th, 2021. At the Oldsmar Water Treatment facility, a vigilant employee noticed a spike in the levels of Sodium Hydroxide – or Lye. The levels of Lye were changed to 11,000 ppm from 100 ppm – a 10,000% jump. The hacker managed to infiltrate the critical infrastructure and release excess Lye into the water that serves the entire city.
Public Utility systems without an upright security posture as far as Operational Technology is concerned, are vulnerable to such kinds of threats. The threats are real with attackers possessing advanced capabilities increasing at an alarming rate. Fears of security experts have come true, and they only compound with time. 2 in every 5 enterprises revealed that hackers targeted their OT device. Likewise, over 60% of respondents in a survey felt that the volume, complexity, and frequency of threats are likely to increase in the coming future. For an enterprise or an industrial unit, Operational Technology security is of paramount importance. In the case of infrastructure like power grids, it is a matter of national security.
What is Operational Technology(OT)?
The technology associated with the detection of a change or causes a change using hardware and software is defined as Operation Technology. This change can either be via direct control and/or monitoring of hardware like valves, sensors, I/O devices, switches, PLCs, actuators, switches, etc.), and software (customized and machine-specific). Along with the above-mentioned components, OT systems employ a wide range of control components that act together to achieve an objective.
Unlike other information processing systems, any change in an OT network has its effect in the real world. Owing to this, safety and security are of paramount importance in OT systems conflicting with security design and operations frequently.
Different types of OT systems:
1. Supervisory Control and Data Acquisition Systems (SCADA)
The SCADA systems collect data from many Input-Output devices across a larger geography. Its architecture consists of computers, and networked data communications having a graphical user interface. Commands sent from the command control (using GUI) are executed by PID controllers and PLCs (Programmable Logic Controllers) at the endpoints. Electric Lines, Pipelines, railways, and power transmission often comprise SCADA systems.
2. Distributed Control Systems – DCS
The DCS is seen in an environment having many control loops, offering both central supervisory equipment and local control level. It is seen in areas like refining, manufacturing, and power generation where high reliability and security are very important
3. Medical Systems
On-site medical devices comprise in-hospital facilities like MRI scanners, infusion pumps, EKG/ECG Machines, defibrillators, and others. These run on age-old Operating Systems and proprietary protocols. Consumer medical devices comprise insulin pumps, artificial pacemakers, and prenatal monitors belonging to the class of IoT smart devices.
4. Physical Access Control and Building Automation Systems
Every inch of an industrial complex – designing, fabrication, or manufacturing zone – needs to be protected. Right from HVAC systems, elevators, swipe cards, security cameras, biosecurity machines, and others, everything needs to be secured.
OT Security without IoT integration:
OT networks run off the grid – isolated from other networks – greatly limiting security vulnerabilities. Every process in an OT environment runs on proprietary control protocols. Critical infrastructure like transport, power distribution, healthcare, and others are an example of OT networks.
In an event of an on-site security lapse, an intruder or a group of attackers may manage to get into the premises of an industrial workhouse. The threats arising from such events can be avoided by improving security and surveillance along with the deployment of multi-layered security. This is to ensure access to critical assets and control rooms is always restricted to unauthorized personnel even in an event of an on-site security lapse.
There have also been reports of identity card and swipe card thefts, giving unauthorized people access to OT infrastructure facilities.
Did the adoption of IoT make OT systems more vulnerable?
Smart transportation, smart power transmission, smart manufacturing – every ‘smart’ thing that is a part of our day-to-day lives is an upgrade of its cousin from the pre-internet days. Anyone associated – government, private contractor, or even an academician, wants to make an OT system more reliable, cost-effective, and efficient. To achieve this goal, the adoption of services like big data analytics and other enterprise software has been integrated with the OT networks.
This means IT has been integrated with OT. This brought more misery than what OT systems have seen cumulated across the past 200 years. With the integration of Information Technology and the Internet of Things into Operational Technology, the security of the critical infrastructure that holds a nation has been put under scrutiny. To mitigate risks arising out of IT and IoT integration with OT, traditional security solutions along with strategies like defense-in-depth, layered security mechanisms, and other sophisticated modern security systems should be deployed.
Also Read: How to get started with OT security
The OT systems have moved from the state of Complete Isolation to a state where complete isolation is impossible. While the integration between IT, IoT, and OT was bound to happen sooner or later, the threats and security vulnerabilities were to follow. Just like IT Cybersecurity went through some rough patches during its infancy some 3 decades ago and is still fighting with a positive spirit, hybrid-modern OT systems to are expected to continue.
How OT Security differs from IT Security
Operation Technology is industry-oriented and focuses on the manufacturing, production, and transmission landscape. A single failure in an OT system can hurt industrial operations directly leading to long non-production hours. There have been instances of fatal accidents in some cases. Though such incidents are of low frequency, they have a destructive effect, threatening national security at times. OT security puts Safety at the forefront, despite being non-dynamic.
On the other side of the fence, IT Security deals with data flowing across various IT systems. IT security primarily is a business-oriented vertical driven by an enterprise landscape. An IT security breach can cause loss of data, leading to financial losses and compromising of data. Technologies continue to evolve to counter the new threats emerging every hour. This demands regular and constant updation and up-gradation of IT Security systems. IT Security deals with the aspect of confidentiality, and often is connected and distributed across a wide network (via the cloud).
Convergence of OT and IT – The two-edged sword!
Many OT networks are now an integral part of complex network systems often comprising thousands of devices. The gap between OT and IT is dissolving at a rapid pace, thanks to the emergence of IIoT. The OT and IT convergence have greatly improved the efficiency and performance of critical infrastructure elements. With the availability of meaningful and accurate data, it is easier to identify KPIs that further help in achieving higher efficiencies and performance.
Another big takeaway in OT and IT convergence is the cost-effectiveness it brings. Ranging from cooling systems and device management, cost optimization can be achieved across the entire system, thereby achieving considerable long-term savings. Another key development can be security orchestration and improved operational and security standards across the entire network.
Parallelly, the OT and IT convergence also throw up some critical challenges. If unaddressed, can lead to a complete shutdown of critical infrastructure. The challenges range from incompatibility of the existing edge devices, cybersecurity challenges, scalability, and lack of cross-training among employees. Often IT systems and practices evolve at a rapid pace, while OT systems are designed to work for decades with little to no invention.
This made OT networks that are a part of complex IIoT and IT networks, a soft target for many bad actors and other cybersecurity threats. This has raised serious concerns about various critical infrastructures, amplifying the need for robust OT Cybersecurity solutions.
OT Security with IoT integration:
OT networks running off the grid had little to no security challenges in terms of technology. While physical threats were always there since prehistoric times, these OT networks were almost secure from any cyber-attack. The exponential growth of IoT systems and data-driven systems in a way changed how OT networks interact with each other.
In a bid to promote corporate business solutions and increase the market share, OT systems started to integrate with other networks using IoT and other IT infrastructure. This has increased the attack area of OT systems to security vulnerabilities and bad actors manifold times.
Importance of OT Cybersecurity:
Back in the days when the Internet was in its infancy, information was entered manually into machines and there was nothing to worry about regarding Operation Technology security. By the time ‘big data’ explosively arrived onto the scene, so did the interconnectivity between OT, IT, and IoT systems. This opened doors to numerous security threats that the OT systems have never experienced in the past.
With a lot of stakeholders in place and billions of dollars of investments, securing and protecting Operational Technology is key. This has led to a call for a convergence of OT and IT security solutions, paving way for OT Cybersecurity. With Industry 4.0 heavily going to rely on data and data analytics, security cannot be rationed at any level.
There are primarily three important reasons why OT Cybersecurity is needed:
- Protecting lives and critical assets
- Ensuring no operating down-time
- National Security
As bizarre as it may sound, a coordinated cyber-attack on OT Systems can bring down an entire power transmission of a city, state, or region of a nation. The European states have been a victim of such targeted OT attacks. Firms were forced to shut down production operations for weeks. This not only impacted the production from a warehouse, but also the entire production chain, leading to losses to the tune of millions, and even billions at times.
If a bad actor manages to get access to a power grid, taking over power transmission and distribution, one can only imagine the destruction that is to follow. Similarly, a slight malfunction caused by a threat in a busy industrial environment can be life-threatening to the workforce.
Many OT systems are often left untouched for years (and even decades), to prevent any unplanned downtime. With increasing connectivity between OT, IT, and IoT networks, firms without robust OT & IT cybersecurity in place, are at the mercy of bad actors. Hackers keep lurking in the dark to make the most of exploits and vulnerabilities. A poor OT Security posture only complements their position further. Firms in the UK, Japan, Australia, and Germany have been victims of such attacks in the recent past.
Threats not only emerge from outside the network, but also from inside the network. A rogue employee, corrupt personnel, or a genuine human error can lead to non-operating time. To prevent these, an enterprise needs constant vigilance, monitoring, and controlling system in the form of Operational Technology Security solutions.
What can go wrong with OT Systems?
The biggest challenge the OT environment poses is the safety and reliability of the entire system. The entire system should be safe and highly reliable without any scope for failure. The risk of a cyber-attack on OT systems became lofty as they started being a part of a broader cyber network. Parallelly, there could be other entry points that can dissolve ‘the safety and reliability of an OT system.
The margin for error does not exist given that OT, IT, IIoT, and IoT systems are interconnected into an indistinguishable network. Forget not, an attacker can use the OT devices to crack into a highly sophisticated IT network, which otherwise would have not been possible.
Any of the following events can jeopardize the safety and reliability of an OT network:
1. Blocking information flowing through OT networks
- Information flow between devices should be encrypted wherever and whenever possible
- Automated monitoring of network bandwidth, rate of information flow between devices, and other parameters relating to network
- Ensuring all information/command/instruction reaches all components as planned. If not, any blockage in the instruction can lead to disruption. The disruption period can run into days or even weeks if the network is left unmonitored.
2. Prevention of Unauthorized changes
- Often threat actors try to disable alarms and other safety sensors
- Compromise on 2FA could well lead to system downtime. It paves way for bad actors to inject instructions that could lead to shutting down
- There is a risk of initiating inappropriate and other actions leading to a negative effect
3. Restricting interference with operational systems
- Only authorized personnel after 2FA should be allowed to access key sites
- Even during a breach, the security framework should prevent any access or control over operating systems that could endanger human life
- At all times, the critical infrastructure and control units must have 2FA enabled
- For instance, any interference to equipment protection systems can lead to irreparable loss, thereby impacting the production
4. Modification of Operating System and settings
- USB and other removable media are the common initial penetration vectors used to inject malware into industrial systems
- The 2009 Stuxnet attack is an example of the same. Iranian government’s uranium enrichment plants were attacked using Stuxnet malware
- Unauthorized modifications can jeopardize safety and reliability, and can lead to extended periods of downtime
- Unauthorized changes can cause equipment to be damaged or incur heavy servicing costs
5. Manipulation of information sent
- Hackers try to manipulate the information sent to sensors, PLCs, and other systems. This technique is often deployed to disguise any unauthorized changes and security breaches
- This gives the hackers extra time to penetrate the network before identified
Securing an OT System
Hackers manage to somehow bypass current safety protocols and enter the system. Reasons can range from a rogue employee, malware-infected USB device, poor coding, or even a calibrated attack. And OT Systems are no exceptions to threats. Every system in every industry needs to be secured on all fronts at all times.
Often, the critical infrastructure is secured using a multi-layered approach. Preventing bad actors and unauthorized users from entering the system is prudent. Given various entry points – control rooms, logic controllers, cybersecurity attacks, unauthorized access, and others – an OT system is highly vulnerable if unprotected.
A comprehensive and concrete mechanism should be put in place. The primary aim of a security system is to prevent the entry of any unauthorized actor or device without authentication. At Sectrio we have drafted a list of key objectives that every Chief Information Security Officer should take a look at, before deploying his strategy for a secure OT System.
Every CISO’s security plan should have the following objectives to facilitate the strengthening of their OT System:
1. Restrict access to:
- OT Network and devices
- Network activity and systems
- OT Components and other key data
This can be achieved by using DMZ architecture, separating OT and Corporate network traffic, different credentials and authentication mechanisms for OT and Corporate networks, installing unidirectional gateways, and using multi-layered network topology to define security policies.
2. Real-time detection of incident and security events
- Real-time cloud-based cybersecurity solutions should be deployed
- This helps in constantly tracking and monitoring the entire network
- Using automation for categorization of security alerts based on vector, nature, severity, and other security parameters. This aids the security team to focus more on high-risk alerts than on everything else
3. Robust SRP [System Restore Plan]
- Failure of a single component or a set of components should not overwhelm trigger network traffic
- The true security posture of a company is decided by:
- The number and nature of cyberattacks
- The amount of time to restore complete functionality
4. Continuing operations despite adverse conditions
- Processes should be designed in such a manner that, despite adverse conditions or a possible breach, the entire environment should be restored in the shortest time possible
- At all times, the workforce should have access to normal, manual, and emergency operations
OT Security Challenges
Every new security suite that has evolved has had its share of challenges. With Operational Security, it gets further challenging. Many OT systems run for years and even decades, unlike IT systems, before getting a replacement. As the addition of new-age devices keeps increasing, the security framework if left unaddressed continues to weaken. At Sectrio we have identified the core challenges OT Security often faces:
1. Designed for reliability, not security
When OT systems made their way into the industrial sphere, the concept of cyber threats was largely a part of Hollywood sci-fi films. These OT systems are designed for reliability with little to no security. The only way one could access a device or a system is by physical means.
Changing times and evolving technology meant, that the industrial sector had to take advantage of the big data. This mandated the connection of isolated OT Systems on a network, with the status of security being unchanged. This has increased the attack surface manifold times with hackers constantly trying to infiltrate OT Systems globally.
2. Lack of integration with IT networks
Advanced cybersecurity solutions have greatly enhanced the security of IT systems in recent times. The same could not be applied to the OT Systems that were operated in an isolated environment. By deploying user-defined policies, security posture can be vastly improved.
3. Continuing the usage of legacy protocols
Even as of date, many OT Systems run on legacy protocols that have either run out of support or are nonexistent. Even many critical operations are still run on legacy protocols, leaving the door wide open for cybercriminals to exploit.
4. Need to shutdown entire operations for an upgrade
Despite the willingness to replace legacy systems, protocols, and processes, many industrial workplaces do not complete the process. This is attributed to the ‘unplanned operations downtime’, which could result in losses to the tune of millions. Hence, enterprises should take a collaborative decision across the hierarchy, opt for a thorough review of their OT Security posture and go ahead with planned operational downtime.
5. Lack of OT Security professionals
By far the biggest challenge in today’s world is the scarcity of certified workforce in handling OT Security. With a vast number of industrial spaces connecting to networks across business verticals, the need and demand for OT Security professionals, in particular, has shot up. But the availability has been scarce. Enterprises should focus on nurturing young talent across multiple disciplines for a secured future.
To help you decide more on the steps to address OT Cybersecurity challenges, we have an in-depth blog post on it. You can find here 9 easy steps to address OT Cybersecurity challenges.
Is your OT Security Solution equipped with the required tools?
With new vulnerabilities being created and let loose into the industrial sphere, protection from such threats is vital. The recent industrial revolution of leveraging the power of data across industries has only made the call for comprehensive OT Cybersecurity Solutions more demanding and imminent. What seemed to be isolated industrial networks a decade ago, are now a part of a giant network. This phenomenon not only improved efficiency and productivity but also gave rise to an unsecured OT environment.
Make sure your OT Cybersecurity solution focuses on the following:
- Threat Detection
- RBVM – Risk-Based Vulnerability Management
- Asset Management
- Remote Access
- Configuration Control
A comprehensive OT Security Solution should be able to monitor every device/machine that enters and leaves the network. This gives the Security Operation Center an overview of the network. Every device, its respective connective pathway, its interaction devices, assets it is accessing, and other data will be visible.
Once a device is tracked at all points, it becomes easier to protect the network even if a threat arises after a new device joins the network. This is often seen as the principle of ‘Reveal and Protect’. Cent percent visibility of the devices on the network results in improved efficiency, ease of operations, and security.
2. Threat Detection:
When designing a system, cybersecurity architects take every measure to protect from the existing types of threats. In complex industrial environments, cybersecurity systems are designed to defend against new kinds of threats. Hence, a wide range of threat detection measures should be deployed that help us in identifying the threat at the earliest.
Security architects usually employ the following measures as a part of a better threat detection technique:
- Any data that meets custom-defined criteria
- Abnormal resource and data usage
- Failed login attempts and DNS errors
- Anomalies arising out of communication between internal networks and assets
- Advanced Persistent Threat that often shows abnormal values in the indicators
- Risk-based vulnerability assessment
- Segmentation of various threats
3. RBVM – Risk-Based Vulnerability Management
Thanks to RBVM Systems, the security team gets clear and accurate insights into the kind of threats, vulnerability severity, and threat actor activity. This information is then thoroughly correlated to the assets to understand the criticality of the event. Without context, the thousands of alerts generated are more of a problem.
This reduces the need for human intervention in monitoring less-threatening alerts, that often crop up for a wide variety of reasons. It also helps the enterprise to better understand the risks associated with the threats, and prepare ahead for a more treacherous future. RBVM System tells us about the acceptable level of risk, the probability of the risk, the severity of Risk, and the urgency the risk brings for the security teams to act upon.
The aspect of segmentation helps in compliance with the regulatory framework and explains the security posture even for a non-technical employee. Logical segmentation using AI greatly reduces time and cost for the enterprise. Artificial Intelligence is leveraged for segmentation, based upon well-defined and distinguished policy groups. Mapping of attack vectors and predicting possible attack pathways using AI is another facet that is fast catching up in the RBVM.
4. Asset Management:
Monitoring a network alone is insufficient. Constant data gathering about the status of every asset, interaction between assets, and other unparalleled awareness of the entire network is key in asset management.
With increased depth and breadth in analytics, overviewing asset management is user-friendly. The availability of all IT, IIoT and OT devices under a single source changes our learning about the assets’ interactions on the network. With constant data inflow of minute data changes, including but not limited to changes in code or similar events, help us understand the assets at a granular level. This helps in optimization to a better degree.
You can keep constant track of the network topology using asset management. This serves us regular feed on properly configured and misconfigured devices on the network. Parallelly, one can monitor the type of device, firmware level, serial number, and other basic data at all times to understand the level of homogeneity of the network. Thanks to the extensive use of AI-ML (Artificial Intelligence – Machine Learning), asset management and threat detection capabilities are only going to get better with time.
5. Remote Access:
A remote access channel authorizes access to highly fragile and sensitive industrial network ecosystems. On misconfigured and unsecured networks, a threat can enter networks through remote access channels.
OT Security Solutions should focus on deploying remote access solutions that are secure and fast, with swift authentication. Personally, Sectrio recommends remote access if it possesses the following characteristics:
- Ability to create quick and secure OT remote sessions
- Fast, easily authenticated, and highly secure remote sessions
- Well-defined navigation ensures remote users can access only what is required for the job
With these in place, the MTTR (Mean Time to Respond) can be brought down and thereby reducing the non-operational time.
Above all, enterprises should adopt a Zero-Trust policy and put the Least Privilege Access mechanism in action. Restricting remote access sessions by time, user, and activity is a basic-yet-powerful way to improve the security posture of the remote access session.
6. Configuration Control:
Information like firmware version and last configuration details of a device is vital to understand the ‘last known good state’ of an asset on a network during disaster recovery. A well-organized configuration control capable of listing out user-made or malware-made changes over a device or the network is critical in building the security posture of the network.
Every hardware component, software process, and associated settings should be carefully monitored, configured, and documented as a part of the Configuration Control console. It helps in managing and controlling each device throughout its lifecycle. The key goal of the system is to ensure the entire network moves to an operationally sound and hardened configuration, as per the needs of the industry segment, away from its original design. Often the configured control system follows a closed loop and goes deep into the network, getting better insights and other useful data. It ensures that:
- Features like Windows firewall, screen locks, and password lengths are enabled
- Services and ports that are only required are enabled
- Network Equipment meets authentication and secure communication configurations
- Security teams are notified about misconfiguration and silent installs
- Alerting security teams about the end of a product’s life well in advance
- Informing about possible malware and other cyber-attacks that bring about a change in the network
The Configuration Control Console also assesses whether the current configuration meets compliance standards. This enables the enterprise in meeting industry regulations, IT/OT cybersecurity standards, and other compliances.
OT Cybersecurity best practices
Cyber threats are everywhere. A small vulnerability in a code can give access to critical infrastructure, leading to a complete takeover. A ransomware attack or even a targeted high-level state-sponsored attack can be avoided by following strict policies across every aspect of an enterprise.
We have compiled a list of best OT Security practices that keep your industrial networks safe and secure from cyber threats. Do remember that, these practices coupled with strong OT Security solutions ensure your network is secure.
1. Zero Trust, No Password Sharing, and PAM
- A complete Zero Trust policy at every level
- Strictly no to password sharing and no common passwords
- Privileged Access Management is mandatory
2. Securing all layers
- Use firewalls to secure every level
- Additionally, deploy routing rules and firewall rules
- This isolates sub-networks from each other in a complex network topology
3. Securing Operational Data
- Always encrypt data and share data only through secure channels
- ‘Least Privilege Management’ should be in place
- Robust data backup and restore system
4. Monitoring and Securing all network connections
- Connections to the cloud and local resources should be completely secured and monitored
- The connection should either be encrypted or routed through a customized VPN
- Using protocols like MQTT and Modbus facilities better security
5. Remove unused assets (hardware and software) from the network
- Use asset management to identify unused devices and gateways
- Removing these shrinks attacks surface
- Unused applications, processes, and USB ports should be taken down
6. Precautions during updating patches
- Updates should be downloaded only after source verification
- Use portable media to write the updates
- Use the same portable media to update the patch
7. Deep Network mapping and analytics
- Knowing the exact location of a device is essential
- Helps in identification and deploying mitigation strategy
8. The comprehensive threat detection approach
- Constant monitoring helps identify malware attacks, exposures, vulnerabilities, and suspicious activities
- Deploying Security Information and Event Management brings in deep insights and crucial analytical data
- A New Generation Firewall system that can bring in Intrusion Prevention System, application-level inspection, and intelligence from outside the firewall to the fore.
Frameworks & Standards of OT Security
Many enterprises see frameworks and standards away from OT Cybersecurity. The frameworks and standards that help an enterprise to devise a robust cybersecurity program in protecting its assets and the valuable data of its clients. While standards are a more well-defined instruction manual at every stage, a framework is much broader, comprising of documentation and processes that an enterprise needs to adhere to and follow. One can see the frameworks as blueprints for assessing, monitoring, mitigating, and reducing risks and vulnerabilities.
Common frameworks in the cybersecurity space for a secured OT System:
- NIST CSF – NIST Cybersecurity Framework
- GDPR – General Data Protection Regulation
- CIS – Critical Security Controls
- ISO 27001 and ISO 27002
- PCI DSS – Payment Card Industry Data Security Standard
- SOC2 – Service Organization Control Type 2
- COBIT – Controlled Objective for Information Technologies
- MITRE ATT&CK – MITRE Adversarial Tactics, Techniques, and Common Knowledge
- HITRUST CSF – HITRUST Common Security Framework
- ENISA – European Union Agency for Cybersecurity
- Saudi Arabia ECC Security Standard
- DESC ICS Security Standard (UAE)
Common standards in the cybersecurity space:
- NISTR 8374 – Ransomware Management
- API 1164 – Associated with reducing cyber risk with industrial automation and control systems
- ISA/IEC 62443 – Deals with reducing current and future security vulnerabilities. Belongs to automation and control systems
- ISO 27000 Series – Helps enterprises focus on strengthening their cybersecurity posture
- AWWA G430-14 – Deals with USA’s wastewater and waste facilities
- NIST 800-52 – Guides in protecting and securing industrial control systems
- NIST 800-53 – Help US federal government and critical infrastructure privacy and security
- FISMA Regulations and HIPAA Regulations
- BS ISO/IEC 18043:2006– Selecting, deploying, and operating IDS (Intrusion Detection Systems)
- BS ISO/IEC 27005:2011– Deals with information security risk management
- PAS 555:2013 – Cybersecurity Risk (Government and Management specification)
The Final Connection…
While the general need for OT Cybersecurity may be well-defined and understood, the real gist depends on how a CISO perceives it and communicates it to his security team. Connecting industrial workplaces to the internet (cloud) is a game-changer. It helps efficiency, optimal use of resources, and production. Enterprises will be able to leverage emerging tools like Artificial Intelligence and Machine Learning to better understand workflows, processes, and other crucial analytics.
This can be achieved only if the OT Systems are secure from both within and outside. Whether your enterprise’s OT System comprises 1000 or 10,000 devices, securing them at every level, patching them from time to time, and deploying OT Cybersecurity tools will be the only way to go forward in the future.
At the recent (12th of July, 2022) OT Cybersecurity Expert Panel (OTCEP), Singapore’s Minister Josephine Teo outlined the nation’s approach to neutralizing OT threats.