Critical Infrastructure Protection (CIP)
& Industrial Security
Cyber threats are targeting industrial control systems.
How can you protect your processes from disruption?
With cybercriminals becoming increasingly active, industrial control system (ICS) operators and manufacturing & process industries – including oil, gas and petrochemicals – plus companies and government organisations that run critical infrastructure, have never faced such significant security risks:
- Attacks against ICS are growing in volume.
- Complex threats – such as Stuxnet, Duqu, Flame or Gauss – are being copied by other attackers.
- Greater connectivity is introducing new risks for critical infrastructure and industrial security.
As a leader in cyber-security, Kaspersky Lab is continually developing critical infrastructure protection solutions that do more to meet the specific requirements of industrial control systems and the organisations that are tasked with keeping critical infrastructure running.
KASPERSKY CIP INITIATIVES
There are significant differences between the security requirements of control systems and the protection needs of general business systems. Only cyber-security vendors that understand these differences are able to deliver security solutions that meet the unique needs of industrial control systems and critical infrastructure owners.
By establishing close relationships with government organisations and law enforcement agencies, Kaspersky is playing a leading role in helping industry and regulators to anticipate changes in the threat landscape and defend against attacks. In addition, Kaspersky’s security experts are proactively developing innovative security technologies, approaches and frameworks.
Kaspersky Industrial Protection Simulation
Kaspersky Lab actively participates with international organizations in joint investigations of cyber warfare operations involving malware capable of cyber espionage or cyber sabotage. During these operations the company’s experts gather lots of valuable data on how sophisticated attacks are planned and executed.
Armed with this knowledge, Kaspersky Lab has devised the Kaspersky Industrial Protection Simulation business game to highlight the problems of securing critical infrastructure objects (production facilities, transport, power stations) against cyber-attacks. The business training format reproduces real-life attack scenarios, with participants having to come up with effective countermeasures to protect the IT infrastructure of an industrial object.
- Teams are put in charge of a water treatment plant. The plant is subjected to a series of cyber-attacks that impact on production and revenues. Participants need to respond with a variety of engineering or IT security measures to minimize impact and protect revenues.
- Teams compete under the same conditions. The team that earns most money wins.
- No expertise required other than a general understanding of industrial control systems.
- Unlike the vast majority of business training on industrial security, Kaspersky Industrial Protection Simulation is fun and engaging.
Governments & Kaspersky
Kaspersky is running programs and events to encourage close cooperation between governments and security providers:
- In 2013, Kaspersky ran a Government Cybersecurity Forum in Washington, D.C.
- Speakers included a former director of the CIA and a current director of US Department of Homeland Security.
- Topics included ‘Critical Infrastructure Protection’ and ‘Forming Partnerships that Strengthen the Global Law Enforcement Response Against Cybercrime’.
INTERPOL & Kaspersky
Kaspersky is helping police authorities to fight back against cybercrime:
- Kaspersky has established an agreement with INTERPOL Global Complex for Innovation (IGCI).
- Kaspersky experts will be seconded to this new INTERPOL organisation.
- The IGCI will help international police forces to tackle cybercrime threats.
Kaspersky Lab is developing a secure operating system (OS) for industrial control systems:
- Many years ago, Kaspersky experts identified a growing need for a secure OS.
- Kaspersky has devoted significant resources to developing a secure OS to protect ICS.
- The secure OS will guarantee that – for any program running on the ICS – only the explicitly desired functionality will be allowed to run.
LATEST FROM KASPERSKY
Cyber Intelligence Asia 2014
11-14 March, 2014 – Singapore
Kaspersky Lab will be a key participant at the Cyber Intelligence Asia 2014 summit in Singapore, hosted by Intelligence-Sec. The conference will bring together key decision-makers from across all Asia to discuss topics such as cyber forensics, protecting critical infrastructure, and the future of cyber security. Kaspersky Lab is committed to protecting Critical Infrastructure and delivering products and solutions for Industrial Security, and is working with Interpol and other global security organizations to support ongoing research and law enforcement efforts. For years Kaspersky Lab has paid close attention to ICS security due to the critical nature of these systems in everyday life. The consequences of cyber-attacks against ICS operators, such as production companies and organizations running critical infrastructure, could be disastrous. That is why it is essential that the risks posed by such incidents are properly addressed. The Kaspersky Industry Analyst Summit is an annual event where the company’s top managers share their view of today’s market as well as future business plans with key industry analysts from the world’s biggest market research agencies. The goal of the summit is to obtain feedback from industry experts on what Kaspersky Lab is doing now and what it plans for the future. This year’s summit will serve as a platform for discussion on the current state of the critical infrastructure security market and potential new approaches to addressing the challenges of this market.
On March 12th, the first full day of the Conference and Exhibition, Kaspersky Lab will host its industry-recognized Kaspersky Industrial Protection Simulation (KIPS), a live role-playing game that simulates a cyber-attack against a water utility plant. Conference attendees will be selected as team participants and will react in real-time to the unexpected consequences brought on by this cyber-attack. The teams will be judged on their abilities to make decisions based on limited data to prevent damage to the facility’s digital and physical infrastructure, and to enable the water plant to continue supplying water to a nearby community. The winning team will receive a prize!Learn more
Need to ask a question?Contact Us