Operational Technology (OT) networks are computerised systems used to control physical industrial operations and are found across a broad range of asset-intensive sectors. They perform a wide array of tasks, ranging from monitoring critical infrastructure to controlling robots on a manufacturing floor.

As efforts to modernise critical infrastructure are ramped up, the risks of cyberattacks on OT networks are amplified. The COVID-19 pandemic has further blurred the lines between the physical and digital worlds, exposing fault lines in cybersecurity infrastructure and unravelling a host of new challenges.

Cyberattacks on operational technology (OT) systems can have serious and highly damaging consequences, as attackers may incapacitate critical infrastructure such as water plants, fuel pipeline facilities and power grids. These attacks may also expose vulnerabilities in crucial supply chains.

This explains why business leaders have identified cybersecurity risk as the greatest threat to their organisation’s growth over the next three years, according to KPMG’s 2021 CEO Outlook Pulse Survey.

The evolving threat landscape has triggered a move towards a zero-trust security architecture, which assumes that authenticated identities or even the network itself may already be compromised — even if they aren’t.

This report examines the key challenges OT practitioners face and seeks to chart a clear roadmap for implementing zero trust and managing supply chain risks to secure OT systems.