What Is a SCADA Security Vulnerability Assessment?
Similarly, in a vulnerability assessment, a security partner will help an organization assess its existing security measures and look for potential areas of weakness. This level of visibility is important, but it is also quite rare. According to Fortinet, only 13 percent of operational technology professionals have achieved centralized visibility into all of their organizations’ OT activities.
Because SCADA networks are often legacy solutions, many were designed without security in mind. As a result, they may not be protected by cybersecurity features that would be considered standard today, and a thorough vulnerability assessment can reveal systems that are exposed to an unacceptable level of risk.
READ ON: Learn more about the benefits of IT-OT convergence.
“Sometimes, the biggest threat is not actually the external threat,” Serrano notes. “It’s also important to assess for vulnerabilities related to the privileged access that insiders have.” IDC’s González echoes this concern. “People are the biggest question mark,” he says. “Secure access to systems is crucial, and sometimes in OT environments, too many people have access.”
