New research from
Kaspersky reveals that 30% of industrial businesses tend to switch off their
cybersecurity product if it is affecting their production processes or
automation systems. Overall, 38% of organizations face such problems
occasionally and another 43% have dealt with these issues at least once. This
can all be traced back to compatibility dilemmas.
When implementing security solutions in an operational
technology environment, it is vital that organizations strike a balance between
security and production continuity. Otherwise, unplanned downtime caused by
production interruptions can cost companies up to $260,000 per hour, according
to some estimations.
Finding this balance can be challenging and can even lead
some companies to switch off their protection. For others, a balance exists but
it leans to one side. Most respondents (65%) prefer changing their production
and automation systems to avoid conflict, while 59% would rather change their
cybersecurity settings. Another 44% believe the issue lies with the vendor or
security provider and prefer to switch providers in order to keep their
production processes unaffected.
One possible reason behind companies' compatibility issues
is that their operational technologies (OT) or industrial control systems (ICS)
may be out of date and cannot be upgraded. A respondent from a high-tech
manufacturing firm in North America said, "Our largest issue with our OT and
ICS is that the equipment we own isn't upgradable beyond its current level. The
manufacturers don't offer any type of upgrade to our current systems. We are
stuck on outdated platforms that are, and remain, vulnerable." In fact,
according to those surveyed, it is impossible for the average industrial
organization to update every sixth (16%) endpoint in their OT network.
"In the past asset owners reasonably assumed that the
protection and automation systems responsible for the core business processes
of an industrial organization would be left undisturbed throughout the
equipment's lifetime, lasting decades - with the possible exception of
occasional settings changes," says Kirill Naboyshchikov, business
development manager for Kaspersky Industrial CyberSecurity. "It was
common practice to commission systems as a whole and perform complete retesting
and recommissioning if any changes were to be made. However, with the
introduction of next generation digital automation systems, there are many
instances where this may no longer be the case. Therefore, both general purpose
and ultra-specialized computer-based automation systems should be equipped with
the following security subsystems and tools and processes: a vendor-approved,
holistic and centrally managed protection system; permanent vulnerability
monitoring and compliance scanning; network intrusion and anomaly detection;
and update, patch management and version control."
Kaspersky also recommends the following workarounds to avoid
sacrificing OT/ICS protection:
- Adopt essential cybersecurity practices for OT/ICS security, such as network segmentation and access control, and regularly perform security audits or penetration testing to reveal any critical security gaps.
- Improve general security awareness across employees to minimize the risk of attacks due to human error. Boosting security skills across OT engineers with specialized courses can make their protection efforts more effective.
- For industrial control systems (ICS), utilize a threat intelligence service with vulnerability databases, such as Kaspersky Threat Intelligence Portal. This service collects information on vulnerabilities and mitigating measures if patches aren't yet available or can't be installed due to process continuity requirements, system certification needs or compatibility issues.
- Choose proven security solutions that have tested integrations with different automation vendors. Kaspersky Industrial CyberSecurity has tested integrations with more than 30 vendors of industrial systems and provides strong protection for OT/ICS networks and nodes.
The full report, "Kaspersky ICS Security Survey 2022: The
seven keys to improving OT security outcomes" is available to download here.