Infrastructure

Through analysis, assessment and stakeholder engagement, the GRCSIRT maintains and imparts knowledge of the risks and opportunities associated with the increasing alignment of Information Technology and Operational Technology (IT/OT Convergence); particularly (industrial) control systems.

Operational Technologies encapsulate the rapidly changing technological landscape that underpins, drives, and supports Greece’s Critical Infrastructure. Increased cyber connectivity, and greater participation in, and reliance on, global supply chains means Greece’s Operational Technology and Critical Infrastructure is more vulnerable than it has ever been.

Aligning Operational Technology, and Greece’s Critical Infrastructure, with Information Technology practices, principles, and technologies brings many benefits. However, it also introduces new types of risks that Greek Critical Infrastructure providers are not capable of managing without Government support. A cyberattack on an OT system can have consequences in the physical world which, if left unmitigated, can have a potentially major, deadly impact on society and the Greek way of life.

Implementing cyber-secure Operational Technologies and managing the associated risks presents many unique challenges, including:

• Communications protocols engineered without security controls
• The requirement that engineering systems be re-tested and certified after upgrades
• Long life-cycles (20 – 50 years) of operational hardware
• The introduction of new IT protocols into operational environments introduces new risks
• The increased operational risk that comes with connection to adversarial networks.