Why is active network scanning often avoided or limited in industrial environments when monitoring for threats?
Answer
Active scanning can crash sensitive equipment.
Because control systems are highly sensitive and time-dependent, traditional active scanning techniques used in IT can unintentionally cause sensitive equipment like PLCs to malfunction or shut down, necessitating passive monitoring.

#Videos
Getting Started in Industrial (ICS/OT) Cyber Security - YouTube
Related Questions
What is the primary goal shift when securing Operational Technology (OT) compared to standard Information Technology (IT)?In the hierarchy of security priorities for ICS environments, which two elements are often emphasized first?What characteristic of many OT assets, such as PLCs and RTUs, often necessitates running legacy operating systems that are difficult to patch?What concept foundational to ICS security emphasizes the use of physical or logical separation between the IT network and the OT network?Which standardized model is nearly mandatory for security professionals to understand when defining the hierarchical structure of ICS architecture?What type of security control is explicitly mentioned as relying on unidirectional gateways to prevent external threats from reaching critical assets?Why is active network scanning often avoided or limited in industrial environments when monitoring for threats?Which standard provides a globally recognized framework for securing Industrial Control Systems?What capability separates successful long-term industrial cybersecurity professionals regarding interdepartmental communication?What is generally the very first core task required when beginning the day-to-day hardening of an OT environment?What specialized training opportunity is provided directly by a government agency for building ICS competencies?