Technical White Papers

Physical Layer Isolation in OT: When Security Becomes Architecture

Operational technology (OT) environments were historically designed around reliability and determinism, not cybersecurity. Systems such as SCADA, energy management, and industrial control networks assumed limited connectivity and trusted operators. As these systems increasingly connect to enterprise networks, cloud platforms, and remote monitoring tools, the security model must evolve without compromising operational stability.

Internet-exposed ICS remain a prime cyber target

In October 2025, the Canadian Centre for Cyber Security issued an Alert warning CISOs and decision makers of increasing cyber-attacks exploiting internet-accessible industrial control systems (ICS). Reported incidents included tampering with water pressure values, triggering false alarms at an oil & gas facility, and manipulating temperature and humidity levels in a grain drying silo. These individual companies may not be direct targets of adversaries, but they have become victims of opportunity, used to gain media attention and undermine public trust.

Why SBOMs Matter for Industrial and Critical Infrastructure Security

Networking devices, like food, can introduce risks from the big wide world into critical infrastructure systems. Modern industrial systems are a blend of hardware, firmware, and software. As a result, evaluating devices requires more than reviewing a physical Bill of Materials (BOM). You also need the Software BOM (SBOM), which is a formal record containing the details, versions, and supply chain relationships of various software components used in building a product. This information is crucial in vulnerability and asset management, enabling organizations to quickly identify software or component dependencies and supply chain risks.

Bridging the IT/OT gap for cyber resilience in critical infrastructure

For network operators in factories, utilities, and government agencies, the convergence of Information Technology (IT) and Operational Technology (OT) is no longer a theoretical concept; it is a reality, fraught with increasing cybersecurity risks that exploit the gap between the two and expose critical infrastructure to sophisticated threats. Understanding and actively bridging this divide is paramount to maintaining operational resilience and security.

Secure Configuration Management

Configuration errors are a common cause of cybersecurity incidents. They may stem from intentional or unintentional changes made by operators, or they may be the result of an external network attack.
According to the ISA62443 standard, any network-connected component with adjustable configuration settings should follow these principles:

Firewalls and Unidirectional Gateways

Whenever unidirectional gateways come up, one question is heard again and again: "What exactly is the difference between a firewall and a unidirectional gateway?"

A unidirectional gateway provides an additional layer of defense for network segments that require special protection, which is why it can be called a good partner to the firewall. On closer examination, however, the two rest on fundamentally different defensive concepts.

Disconnected = Secure?

For a long time, it was believed that the best way to protect a network, system, or subnet was to separate it from all other networks; in other words, to disconnect it.

Many also believe that industrial control system subnets are not themselves under threat, and that the danger comes from the enterprise network or upstream networks.
