Characterized by smart manufacturing and interconnected devices, the fourth industrial revolution is here. But just like any other interconnected system, modern industrial control systems are potential targets for cyberattacks. Cybersecurity breaches can have far-reaching consequences for industrial organizations. According to The State of Industrial Cybersecurity 2019, produced by ARC Advisory Group on behalf of Kaspersky, reputational and environmental damage, injury or even death are serious risks if systems fail. And today, the stakes are becoming higher, simply because more systems are connected and dependent on one another. According to Gartner (Magic Quadrant for Industrial IoT Platforms, Eric Goodness et al., 25 June 2019, report available to Gartner subscribers):
By 2023, 30 percent of industrial enterprises will have full, on-premises deployments of IIoT platforms, up from 15 percent in 2019.
Magic Quadrant for Industrial IoT Platforms, 2019
This also means there’s a lot more that can go wrong, and there are many more attack vectors for cybercriminals to exploit. Many threats originate in third parties, such as suppliers, contracting firms and technology companies. And no modern industrial operation is free from risk.
Why are industrial operations a target?
Cyberwarfare is no longer the stuff of dystopian science fiction. It’s a very real problem now that society has grown so dependent on modern technology. Attacks may be carried out by state actors, hacktivists (internet activists) – or even competitors bent on industrial espionage. With so many new avenues for attackers to exploit, such as the industrial internet of things (IIoT), it’s never been more important for cybersecurity to take front and center stage in any industrial digital transformation project.
Given that a nation’s ability to function depends heavily on the availability of its critical infrastructure, it’s easy to see why major industrial operations are popular targets. It’s a highly efficient way to cripple a rival state. But it’s not just state actors that the industrial sector needs to worry about. Hacktivists, who are often not associated with any particular state, may also target certain industries for political or ethical reasons.
Fortunately, there’s an increased focus on OT/ICS (operational technology in industrial control systems) throughout the globe to help keep industrial businesses, and the people that depend on their services, better protected.
The state of industrial cybersecurity today
The latest annual report The State of Industrial Cybersecurity 2019 explores the worldwide status quo and future development of industrial cybersecurity. The report uncovers what nearly 300 industrial companies and organizations think about the landscape for industrial cybersecurity today, and what measures and processes are needed to prevent cyber-incidents in critical infrastructures and industrial enterprises.
Here are some of the report’s key findings:
We’ve got a people problem
Despite automation, the human factor can still put industrial processes at risk: employee errors or unintentional actions were behind one in two incidents. The growing complexity of industrial infrastructures demands more advanced protection and skills. But organizations are experiencing a shortage of professionals to handle new threats and low awareness among employees.
They’re worried that their OT/ICS network operators are not fully aware of the behavior that can cause cybersecurity breaches, which could explain why employee errors cause half of all ICS incidents – such as malware infections – and also more serious targeted attacks.
Companies are seeking to improve protection for industrial networks. But this can only be achieved if they address the risks related to the lack of qualified staff and employee errors. Taking a comprehensive, multi-layered approach – which combines technical protection with regular training of IT security specialists and industrial network operators – will keep networks protected from threats and ensure skills stay up to date.
Brand Manager, Kaspersky Industrial Cybersecurity
Protecting Industrial IoT and digitization
In addition to a technical and awareness boost for industrial cybersecurity, organizations need to consider specific protection for Industrial IoT, which can become highly connected externally: four in ten companies are ready to connect their OT/ICS network to the cloud, using preventive maintenance or digital twins.
The growing interconnection between IIoT edge devices and cloud services continues to stand as a security challenge. It was a major driver for the creation of the IIC Industrial Internet of Things Security Framework, as well as the subsequent best practices documents and recent IoT Security Maturity Model.
Dr. Jesus Molina
Chair, IIC Security Working Group, and Director of Business Development, Waterfall Security Solutions
Digitization of industrial networks and adoption of Industry 4.0 standards are in the pipeline for many industrial companies. Four out of five organizations see operational network digitalization as an important or very important task for the year ahead.
OT/ICS is high priority
The good news? OT/ICS cybersecurity is becoming a top priority for industrial companies (87 percent). But to achieve the right protection, they need to invest in dedicated measures and highly qualified professionals to make them work effectively. Despite stating it as a priority, only just over half of companies (57 percent) have the budget they need for industrial cybersecurity.
But what are the real chances of a cyberattack? Four in 10 of the businesses surveyed hadn’t experienced any kind of cyberattack in the last year. But worryingly for the rest, nearly one in three haven’t implemented an incident response program. Rather than keeping everything crossed, isn’t it time to invest in improving your business’s cyber-defenses? Just a thought…