Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

IoT will transform industrial security

Issue 7 2020 Information Security

The digitalisation of industrial infrastructure is underway and 55% of organisations globally are confident that the Internet of Things, as one of its key aspects, will change the state of security in industrial control systems (ICS). According to Kaspersky’s recent report, ‘The State of Industrial Cybersecurity in the Era of Digitalization,’ 20% of organisations have already prioritised IoT-related incidents but solutions effective against IoT threats are yet to become widespread.

Industrial organisations continue to implement digitalisation and Industry 4.0 standards. Even despite the market slowdown as a result of the coronavirus pandemic, digitalisation is still being adopted. For instance, McKinsey & Company’s recent research revealed that 90% of manufacturing and supply chain professionals plan to invest in talent for digitalisation. Their research also shows that companies, where such projects had already been introduced, feel more confident during crises.

At the same time, the growing number of digitalisation projects, such as industrial IoT (IIoT), raises awareness of the associated risks. For one in five companies globally (20%), attacks on IIoT have already become one of their main cybersecurity concerns, bypassing such serious threats as data breaches (15%) or attacks on the supply chain (15%). Addressing them increasingly requires security professionals’ involvement, not just IT teams. In 2020, in almost half of the enterprises surveyed, IT security personnel are working on initiatives to protect digitalised OT systems (44%).

The report showed that today, however, not all organisations may feel ready to face threats to IoT. Thus, only 19% of companies globally have implemented active network and traffic monitoring, and 14% have introduced network anomaly detection – these solutions allow security teams to track anomalies or malicious activity in IoT systems.

“While industrial enterprises will only increase the implementation of connected devices and smart systems, they should strive for the same efficiency level when it comes to protection. To achieve this, protection should be built-in when a project is initiated, and for some companies, it should be done today. IIoT components must be secure at their core to eliminate the possibility of an attack on them. Along with traffic protection and other technologies, this makes the entire system secure by design and this means it becomes immune to cyber-risks,” commented Grigory Sizov, head of the KasperskyOS business unit, Kaspersky.

To ensure IIoT systems are used effectively and safely, Kaspersky experts provide organisations with the following advice:

• Consider protection at the very beginning of IIoT implementation by using dedicated security solutions. For example, the Kaspersky IoT Infrastructure Security solution is designed to safeguard industrial and business networks for IoT devices – including smart meters, controllers and others. Its key element is Kaspersky IoT Secure Gateway, based on KasperskyOS.

• Assess the status of a device’s security before its implementation. Preferences should be given to devices that have cybersecurity certificates and products from those manufacturers that pay more attention to information security.

• Conduct regular security audits and provide the security team responsible for protecting IoT systems with up-to-date threat intelligence.

• Establish procedures for obtaining information on relevant vulnerabilities in software and applications, and available updates to ensure proper and timely responses to any incidents. ICS Threat Intelligence Reporting service provides insights into current threats and attack vectors, as well as the most vulnerable elements in OT and industrial control systems and how to mitigate them.

• Implement cybersecurity solutions designed to analyse network traffic and detect anomalies and prevent IoT network attacks, then integrate the analysis into the enterprise network security system. Kaspersky Machine Learning for Anomaly Detection analyses telemetry and identifies any suspicious actions in the network before it causes any damage.

To read the full report, go to https://ics.kaspersky.com/the-state-of-industrial-cybersecurity-2020/




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

95% do not have full trust in cybersecurity vendors
Information Security Security Services & Risk Management
Trust in cybersecurity vendors is fragile, difficult to measure, and increasingly shaping risk posture at both operational and board levels. Lack of verifiable transparency undermines cybersecurity decision-making, according to Sophos-backed research.

Read more...
Africa’s largest Zero Trust platform
NEC XON Information Security Commercial (Industry)
Africa has reached a significant cybersecurity milestone with the successful deployment of the continent’s largest Palo Alto Networks Prisma Access and Prisma Access Browser Zero Trust environment, supporting secure remote access for more than 40 000 users for a large enterprise in Africa.

Read more...
Supply chain attacks top threat over 12 months
Information Security
Supply chain attacks have become the most prevalent cyberthreat confronting businesses over the past year, according to a new Kaspersky global study, with nearly one-third of companies worldwide experiencing a supply chain threat in the past year.

Read more...
From vibe hacking to flat-pack malware
Information Security AI & Data Analytics
HP issued its latest Threat Insights Report, with strong indications that attackers are using AI to scale and accelerate campaigns, and that many are prioritising cost, effort, and efficiency over quality.

Read more...
NEC XON secures mobile provider’s hybrid identities
NEC XON Access Control & Identity Management Information Security Commercial (Industry)
For a leading South African telecommunications operator, identity protection has become a strategic priority as identity-centric attacks proliferate across the industry. The company faced mounting pressure to secure both human and non-human identities across complex hybrid environments.

Read more...
Microsoft 365 security is a ticking time bomb
Information Security
Across boardrooms and IT departments, a dangerous assumption persists that because data is stored in Microsoft 365 and Azure, it is automatically secure. This belief is fundamentally flawed and fosters a false sense of protection.

Read more...
Rise in malicious insider threat reports
News & Events Information Security
Mimecast Study finds 46% of SA organisations report a rise in malicious insider threat reports over the past year: reveals disconnect between security awareness and technical controls as AI-powered attacks accelerate.

Read more...
New campaign exploiting Google Tasks notifications
News & Events Information Security
New phishing scheme abuses legitimate Google Tasks notifications to trick corporate users into revealing corporate login credentials, which can then be used to gain unauthorised access to company systems, steal data, or launch further attacks.

Read more...
Making a mesh for security
Information Security Security Services & Risk Management
Credential-based attacks have reached epidemic levels. For African CISOs in particular, the message is clear: identity is now the perimeter, and defences must reflect that reality with coherence and context.

Read more...
What’s in store for PAM and IAM?
Access Control & Identity Management Information Security
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in the coming year, driven by evolving cybersecurity realities, hybridisation, AI, and more.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.