EMBRACING NEW STRATEGIES ON INDUSTRIAL CYBERSECURITY
Hesham Abdulhadi, Senior Technical Presales Manager for Industrial Cybersecurity at Kaspersky speaks to Utilities Middle East and says that Industrial cybersecurity strategies need a radical rethink and should be built from the ground up
What are the common industrial cybersecurity issues at the moment?
Industrial control systems, which once existed in isolation, are increasingly networked. As much as this greatly increases convenience and efficiency, it also has the unfortunate effect of making them vulnerable to cyber threat.
At Kaspersky, we have recorded a rise in cyberattacks and threats to ICS in Saudi Arabia and
United Arab Emirates, especially when comparing H1 2021 to H1 2020. Industrial control system (ICS) security concerns the safeguarding and protection of control systems that are used for monitoring industrial processes.
Such systems are critical in keeping essential infrastructure functioning and they are increasingly under attack, with increased potential for critical system breakdown, production
accidents, and even city-wide or national impact.
How can organisations augment the security of their operations from cyber threats and how can solutions from Kaspersky be helpful?
Security needs to evolve ahead of attackers, to protect industrial environments from cyber threats. As the number of threats targeting critical infrastructure increases, choosing the right
advisor and technology partner to secure your systems becomes even more important.
Kaspersky ICS products are purpose-built so that the organisations is secured. Within the portfolio, KICS for Nodes is designed to protect industrial operator panels, workstations, and servers with legacy operating systems and limited resources, while KICS for Networks provides industrial network security monitoring.
Since the threat can emanate at any point of the network or the edge, it is absolutely critical that the security cover is ubiquitous.
Security Assessment Service aimed at identification of various security flaws in the ICS on all layers: starting from physical and network security, to vendor-specific vulnerabilities in ICS components, such as supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs) and others.
This service will allow to obtain information on vulnerabilities in ICS and possible consequences of vulnerabilities exploitation, evaluate effectiveness of implemented security measures, plan further actions to fix the detected flaws and improve security.
A service like Kaspersky’s ICS Reporting and Data Feeds offers threat intelligence for the benefit of security operations, incident investigations and response relevant to industrial control systems. It helps to focus on mitigating threats that are most relevant to the user’s industrial infrastructure and pose the most risk to the business.
Every record is enriched with data that can more readily be used to answer the who, what, where, and when questions that can help identifying adversaries.
While this provides a broad strategic approach to ICS security, the fact remains that a customized consultation, testing, and roadmap is absolutely essential. As with any mission-critical consideration, it is sound business sense to be prepared and equipped in advance.
How best should an Operation Technology (OT) security program in an organisation be
managed to achieve the best results?
Using security solutions for OT endpoints and networks, such as Kaspersky Industrial CyberSecurity ensures that organizations across all industry critical systems are comprehensively protected.
However, regularly updating operating systems and application software that are part of the enterprise’s industrial network is critical alongside the application of security fixes and patches to ICS network equipment as soon as they are available.
Therefore, conducting systematic and routine security audits of OT networks to identify and eliminate security issues goes hand-in-hand to achieving optimum results.
Additionally, it is necessary that companies provide dedicated ICS security training for IT security teams and OT engineers, as this has proven crucial in significantly improving responses to new and advanced malicious techniques.
Providing the security team responsible for protecting industrial control systems with up-to-date threat intelligence such as ICS Threat Intelligence Reporting service helps in providing insights into current threats and attack vectors, as well as the most vulnerable elements in OT and industrial control systems and how to mitigate them.
How important are people in maintaining a robust OT security infrastructure and how can organisations align all staff with their cyber security programs?
People are quite important in maintaining a robust OT security infrastructure as it doesn’t only involve implementing a solution that fits what the organization needs. A cybersecurity professional will need to take a couple of steps before a solution is settled on.
First, an ICS assessment will need to be conducted to identify security flaws on all layers, starting from physical and network security, to vendor-specific vulnerabilities in ICS components such as supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs) and others.
Next, the right product needs to be selected that protect industrial environments from cyber threats.
Providing employee training is a critical part of aligning all staff with the cybersecurity program. Human error due to a lack of cybersecurity knowledge and awareness is the leading cause of cyber-incidents.
Training can be short and intensive, tailored for everyday users of computer-based systems as well as more in-depth for IT/OT security experts, ICS operators and engineers especially ones that do not have an IT background, our solutions are tailored for them too.