Operations Technology (OT) and Information Technology (IT) are moving closer together. In view of this OT-IT convergence, the risks from cyber attacks are constantly increasing – for manufacturing companies as well as for operators of critical infrastructures. In the past, attackers have primarily aimed at the IT infrastructures of organizations, but in networked industrial environments, criminals are increasingly targeting operational components such as control and automation systems. This not only causes economic damage, but can also lead to serious consequences for people and the environment in the case of critical infrastructure such as power plants or hospitals. In order to better understand the risks and challenges of this development, PwC Germany opened the Cyber Security Experience Center in Frankfurt.
Practical depiction of technological operational processes
In Frankfurt, PwC Germany is showing a scaled-down, fully networked model ecosystem with technologies from the most important areas of critical infrastructure – from power plants and robot-supported manufacturing to digitally networked hospitals. All models are connected to physical PLC and ICS/SCADA networks and connected to monitoring solutions from different manufacturers. With this practical test arrangement, the security experts can demonstrate the attack vectors and the possible consequences of an attack directly on the respective technologies and give important tips for prevention.
Promote awareness of risks and challenges
“Critical infrastructures are increasingly being targeted by cybercriminals and state-controlled attackers. The cyberkinetic modules in our Cyber Security Experience Center allow us to realistically represent technological operations and possible attack scenarios. In this way, our customers receive valuable information about potential vulnerabilities within their processes and can better protect their infrastructures in the future,” says Grant Waterfall, Cyber Security & Privacy Leader at PwC Germany and EMEA.
According to the PwC Global Digital Trust Insights 2022, almost half of the companies surveyed expect an increase in state-sponsored attacks on critical infrastructures. Visitors to the Cyber Security Experience Center can experience directly on site how the consequences of a cyber attack become noticeable and how such attacks can be warded off. The highly developed security framework and defense concept of the model allows both to demonstrate different attacks and to experiment with different countermeasures. The on-site experts can apply these demonstrations to a range of industry scenarios. Currently there are modules for power generation, natural gas distribution, manufacturing, patient monitoring, mobility and facility management. In addition, the experts can use a digital twin to simulate other industrial scenarios.
“Cybersecurity is still a very abstract topic for many people. With our Cyber Security Experience Center, we want to change exactly that and show you specifically what effects security gaps and vulnerabilities can have. In doing so, we are increasing awareness of the risks and challenges in the field,” says Oliver Hanka, Director EMEA Industrial & IoT Security at PwC Germany.