Virtualization Technology News and Information
Why continuity remains key for ICS organizations, and how to address it
Cybersecurity for industrial organizations is becoming an increasingly popular topic, with the global Industrial Control Systems (ICS) cybersecurity market expected to reach over $24 billion by the end of 2023. Given this trajectory of growth, new trends based on customer demands will continue to evolve.

One of the main trends the ICS sector is adapting to is automation as it allows for optimization of business efforts. While automation is a positive advancement, it does open the door for potential cyber incidents that can lead to disruption, which is one of the main causes of distress as business continuity is crucial for the ICS industry.

Keeping this in mind, here are some suggestions on new cybersecurity processes for ICS, why they happen and how they can eliminate customer pain points.

From Stuxnet to today

Let's recall where it all began. The notorious Stuxnet incident of 2010 showed that critical facilities were not ready to ward against cyberattacks. In those days, protection technologies for ICS were not widely available, so companies were in great need of anti-malware protection for operational technology (OT) endpoints.

Following Stuxnet, cybersecurity incidents became more frequent and reinforced this demand. For example, first appearing in 2014, an APT group known as Black Energy specifically targeted ICS and energy organizations worldwide; in 2015, a massive power outage in the Ukraine left more than 200,000 people without power; the NotPetya ransomware cost global shipping operator Maersk up to $300 million; and in 2019, Norsk Hydro fell victim to a ransomware attack that cost the company more than £45 million.

Consequently, the cybersecurity market reacted to this trend with new and existing cybersecurity vendors launching solutions for critical infrastructure during this period. The market became much more mature as cybersecurity was now a priority on a state level with the organization of national ICS Computer Emergency Response Teams (CERTs) in the US and the EU.

As a result, industrial customers globally achieved the basic level of ICS endpoint protection. When asking ICS professionals around the world about the state of their organizations' OT cybersecurity, the results found that the majority (97%) claimed they already implemented an anti-malware solution for industrial endpoints. So, what is the next level of protection?

New level unlocked: integration with automation systems

Industrial control systems should always strive to work smoothly to ensure manufacturing processes remain constant. According to a 2019 survey, half of ICS organizations (49%) are looking to increase OT efficiency while four out of five (79%) want better management of cybersecurity risks. If running a cybersecurity solution for network security may affect the OT automation process, this would create an incompatibility challenge for OT engineers.

To address this customer pain point, cybersecurity solutions for industrial facilitates should be developed to allow for closer integration of protection technologies into Supervisory Control and Data Acquisition (SCADA) systems. This enables the industry to move from simple endpoint protection towards creating an industrial automation system with built-in protection.

What does it mean for customers?

Instead of piecing together automation and cybersecurity products that may affect each other's efficiency, customers will be able to implement one integrated system that combines automation and protection, empowered with dedicated expertise.

User experience and a plug-and-play principle in the design of such unified solutions will offer the main competitive advantages. Centralization and scalability of these solutions is primarily relevant for enterprises that are already actively using OT automation and asset management, or for vertically integrated industrial companies such as mining, automotive and manufacturing, metallurgy, petroleum retail, electric grid complexes and transportation of petroleum products.

Additionally, the ease of integration with third-party systems, low operating costs, simplicity of the solution and compliance with the requirements of supply chain security are relevant for private manufacturing companies and those that are horizontally integrated such as chemical manufacturing, mechanical engineering, the production of materials and components, the food industry and automated agriculture.

It is exciting to see how the industry has evolved and how it has revealed a growing dynamic between cooperation and transformation. I look forward to new trends to come, and shaping new cybersecurity solutions to continue to protect ICS organizations.


About the Author

Alexander Moiseev, Chief Business Officer at Kaspersky

Alexander Moiseev 

Alexander Moiseev is the Chief Business Officer of Kaspersky, responsible for sales strategy and marketing globally. Prior to this role, Alexander was Kaspersky's Chief Sales Officer, where he led global sales and new business development.

Having joined Kaspersky in 2006 as Business Development Manager for Italy and Israel, it took only two years for Alexander to be promoted to Managing Director of Kaspersky Italy and Mediterranean.

In 2014, Alexander was appointed Managing Director of Kaspersky Europe, taking responsibility for its operations, and ensuring the commercial success of the company's many products, solutions and services within the region.

Since 2011, he has worked concurrently as Head of Kaspersky's Global Partnerships and Sponsorships, team, developing the company's global sponsorship projects - the biggest of which is the partnership with Scuderia Ferrari. He is also one of the driving forces behind the company's technology and innovation investments in transportation systems cybersecurity.

Alexander graduated from Moscow State University with a degree in engineering with mathematics and cybernetics.

Published Friday, May 01, 2020 9:05 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<May 2020>