Beyond typical BMS functions, hospitals operate a myriad of interdependent critical systems, and are required to operate in preparedness mode in case of a mega-event — so OT network up-time is crucial.
However, many hospital systems, including the one described in this case study, were not designed with cyber-security in mind:
* No OT-IT segmentation and no visibility into the OT network
* Lack of segmentation between buildings ,facilities and systems.
* Separate operational monitoring interfaces for different systems
* No procedures in place for patching or hardening devices
* No system for securing and logging maintenance operations
[inject id=’code-47fd23f73a9caecab1e206306adae7f9′]
Harmonizing risk and consequence strategies across IT and OT environments for greater cyber resilience
Strengthening OT Resilience: Protecting Critical Systems in a Rapidly Evolving Threat Environment
Quarterly ICS Security Report 2024 Q3