Virtualization Technology News and Information
Nozomi Networks 2023 Predictions: 4 Predictions on the OT & ICS Cybersecurity Horizon for 2023


Industry executives and experts share their predictions for 2023. Read them in this 15th annual VMblog.com series exclusive.

4 Predictions on the OT & ICS Cybersecurity Horizon for 2023

By Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks

From the now-or-never razzmatazz surrounding SBOMs (Software Bill of Materials) to the next unprecedented international issue, predictions are difficult to master. Projections are even more difficult for OT and ICS, given that data is often private, distributed, or behind a paywall. 2023 promises to be an integral year calling for increased cybersecurity investments at a time when a potential recession can exacerbate the impacts of ransomware and unplanned downtime or production loss.

1.  Governance will set a new precedent.

Government standards and frameworks to date have taken an accordion approach, stretching to address what critical infrastructure sectors have in common and compressing to magnify security issues most vital to specific sectors. New direction and bolstered industry involvement will produce greater situational awareness, trust, and resolve across the critical infrastructure security community.

The U.S. government is "putting its money where its mouth is," rolling out a federal binding operational directive focused on asset discovery and vulnerability enumeration, offering implementation assistance and unique toolsets.

2023 will usher in the fruits of two new CISA programs: the CyberSentry program to monitor critical infrastructure networks for known threats and indicators of compromise and the newly released RedEye tool to present complex data in a digestible format. Both will broaden the aperture for understanding OT and ICS incidents, further building mechanisms for enhanced trust and verification.

2.  Information sharing will be more meaningful.

Despite a reluctance to aggregate information, meaningful information sharing requires a vendor-agnostic mechanism for the real-time sharing of early warning data. Regarding the threat landscape, there is no way to standardize and correlate threat and vulnerability research produced by competitive market leaders. Information sharing lacks trust and verification and has been siloed into sector-specific, private-sector, or government agency-specific mechanisms - creating single sources of information without much consensus.

Regardless of commonalities, no two attacks on OT/ICS systems are ever the same, making automated response and remediation difficult. Unfortunately, this reality means that every operation and facility has to wait to see another organization victimized before there can be shared signatures, detections, and fully baked intelligence for threat hunting to ensue. Solutions for information sharing in this domain will shift toward more inclusive, creative, and proactive ways to share information in 2023.

3.  Innovative analysis will set solutions apart.

Innovation in providing situational awareness, trust, and verification will lead the OT cybersecurity future. Organizations can gather and store data but need to analyze it to enhance their mission. Simply having and keeping reams of data is not helpful for risk mitigation. Solutions built for OT and ICS will continue to fix security gaps and improve security controls.

Behavioral analysis and anomaly detection for network operations can augment threat intelligence and overall security postures. Anomaly detection can alert on deviations from standard communications patterns and variables within the process - like sensor readings and flow parameters. The process data can correlate with communications data to provide actionable intelligence to inform security procedures and reduce overall risk.
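The correlation described above can be sketched in a few lines. This is an added example, not code from the article or from any vendor product; the host names, protocol function labels, flow readings, 3-sigma threshold and 60-second window are all constructed assumptions.

```python
from statistics import mean, stdev

# Constructed sample data: (time_s, source, destination, protocol function)
BASELINE_COMMS = [(0, "hmi1", "plc1", "read"), (10, "hmi1", "plc1", "read"),
                  (20, "eng1", "plc1", "read"), (30, "hmi1", "plc1", "write_setpoint")]
# Constructed flow-sensor readings: (time_s, value)
BASELINE_FLOW = list(zip(range(0, 100, 10),
                         [50.1, 49.8, 50.3, 50.0, 49.9, 50.2, 50.1, 49.7, 50.0, 49.9]))
LIVE_COMMS = [(100, "hmi1", "plc1", "read"), (130, "eng1", "plc1", "write_setpoint"),
              (300, "hist1", "plc1", "read")]
LIVE_FLOW = [(110, 50.2), (140, 63.5), (150, 64.0), (310, 50.1)]


def comm_anomalies(baseline, live):
    """Flag (source, destination, function) tuples never seen in the baseline."""
    known = {(s, d, f) for _, s, d, f in baseline}
    return [(t, s, d, f) for t, s, d, f in live if (s, d, f) not in known]


def process_anomalies(baseline, live, k=3.0):
    """Flag readings more than k standard deviations from the baseline mean."""
    values = [v for _, v in baseline]
    mu, sigma = mean(values), stdev(values)
    return [(t, v) for t, v in live if abs(v - mu) > k * sigma]


def correlate(comm_hits, proc_hits, window_s=60):
    """Pair each process deviation with unfamiliar traffic seen shortly before it."""
    alerts = []
    for pt, value in proc_hits:
        causes = [c for c in comm_hits if 0 <= pt - c[0] <= window_s]
        if causes:
            alerts.append({"time": pt, "value": value, "preceded_by": causes})
    return alerts


def run():
    """Return communication hits, process hits, and the correlated alerts."""
    comm_hits = comm_anomalies(BASELINE_COMMS, LIVE_COMMS)
    proc_hits = process_anomalies(BASELINE_FLOW, LIVE_FLOW)
    return comm_hits, proc_hits, correlate(comm_hits, proc_hits)
```

In this constructed data, the setpoint write from the engineering station is followed within the window by out-of-range flow readings and is raised as a correlated alert, while the new historian read with no process deviation remains a lower-priority communication anomaly.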

4.  Adversaries will demonstrate sophisticated capabilities for modifying systems.

The Nozomi Networks-sponsored SANS report on ICS/OT Cybersecurity in 2022 and beyond mentions, "adversaries in critical infrastructure networks have illustrated knowledge of control system components, industrial protocols, and engineering operations." Other OT/ICS incident reports cite adversaries' "unfamiliarity with the OT domain." 2023 may be the year that adversaries demonstrate increased capabilities to both monitor - and modify - OT and ICS systems in critical sectors.

Conclusion

Across the globe, governments, public-private partnerships, insurance providers, and international relations are reticent about the significance of protecting critical infrastructure and building resilience across industrial sectors and hyperconnected facilities. Across the market - from competitive intelligence to innovation to live 'bake-offs' - trust and verification matter more today for OT cybersecurity than ever before. OT cybersecurity stakeholders, concerned with physical safety, environmental impacts, goods, services, resources provision, and micro and macroeconomics, will all say, "show me the receipts" in 2023.

##

ABOUT THE AUTHOR


Danielle Jablanski is an OT Cybersecurity Strategist at Nozomi Networks, responsible for researching global cybersecurity topics and promoting OT and ICS cybersecurity awareness throughout the industry. In 2022 she joined the Atlantic Council as a non-resident fellow with the Cyber Statecraft Initiative in the Scowcroft Center for Strategy and Security, focusing on operational technology and workforce development issues. Danielle serves as a staff and advisory board member of the nonprofit organization Building Cyber Security, leading cyber-physical standards development, education, and certifications to advance physical security, safety, and privacy in public and private sectors. Danielle also serves as the President of the North Texas Section of the International Society of Automation (ISA), organizing monthly member meetings, training, and community engagements. She is also a member of the Cybersecurity Apprenticeship Advisory Taskforce (CAAT) with the Building Apprenticeship Systems in Cybersecurity (BASIC) program sponsored by the Department of Labor.

Published Tuesday, November 22, 2022 7:31 AM by David Marshall