IoT will transform industrial security

Issue 7 2020 Cyber Security

The digitalisation of industrial infrastructure is underway and 55% of organisations globally are confident that the Internet of Things, as one of its key aspects, will change the state of security in industrial control systems (ICS). According to Kaspersky’s recent report, ‘The State of Industrial Cybersecurity in the Era of Digitalization,’ 20% of organisations have already prioritised IoT-related incidents but solutions effective against IoT threats are yet to become widespread.

Industrial organisations continue to implement digitalisation and Industry 4.0 standards. Even despite the market slowdown as a result of the coronavirus pandemic, digitalisation is still being adopted. For instance, McKinsey & Company’s recent research revealed that 90% of manufacturing and supply chain professionals plan to invest in talent for digitalisation. Their research also shows that companies, where such projects had already been introduced, feel more confident during crises.

At the same time, the growing number of digitalisation projects, such as industrial IoT (IIoT), raises awareness of the associated risks. For one in five companies globally (20%), attacks on IIoT have already become one of their main cybersecurity concerns, bypassing such serious threats as data breaches (15%) or attacks on the supply chain (15%). Addressing them increasingly requires security professionals’ involvement, not just IT teams. In 2020, in almost half of the enterprises surveyed, IT security personnel are working on initiatives to protect digitalised OT systems (44%).

The report showed that today, however, not all organisations may feel ready to face threats to IoT. Thus, only 19% of companies globally have implemented active network and traffic monitoring, and 14% have introduced network anomaly detection – these solutions allow security teams to track anomalies or malicious activity in IoT systems.

“While industrial enterprises will only increase the implementation of connected devices and smart systems, they should strive for the same efficiency level when it comes to protection. To achieve this, protection should be built-in when a project is initiated, and for some companies, it should be done today. IIoT components must be secure at their core to eliminate the possibility of an attack on them. Along with traffic protection and other technologies, this makes the entire system secure by design and this means it becomes immune to cyber-risks,” commented Grigory Sizov, head of the KasperskyOS business unit, Kaspersky.

To ensure IIoT systems are used effectively and safely, Kaspersky experts provide organisations with the following advice:

• Consider protection at the very beginning of IIoT implementation by using dedicated security solutions. For example, the Kaspersky IoT Infrastructure Security solution is designed to safeguard industrial and business networks for IoT devices – including smart meters, controllers and others. Its key element is Kaspersky IoT Secure Gateway, based on KasperskyOS.

• Assess the status of a device’s security before its implementation. Preferences should be given to devices that have cybersecurity certificates and products from those manufacturers that pay more attention to information security.

• Conduct regular security audits and provide the security team responsible for protecting IoT systems with up-to-date threat intelligence.

• Establish procedures for obtaining information on relevant vulnerabilities in software and applications, and available updates to ensure proper and timely responses to any incidents. ICS Threat Intelligence Reporting service provides insights into current threats and attack vectors, as well as the most vulnerable elements in OT and industrial control systems and how to mitigate them.

• Implement cybersecurity solutions designed to analyse network traffic and detect anomalies and prevent IoT network attacks, then integrate the analysis into the enterprise network security system. Kaspersky Machine Learning for Anomaly Detection analyses telemetry and identifies any suspicious actions in the network before it causes any damage.

To read the full report, go to https://ics.kaspersky.com/the-state-of-industrial-cybersecurity-2020/




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Understanding the evolving cybersecurity landscape
Issue 5 2021, Vox , Cyber Security
Given the global disruption that took place last year, it is hardly surprising that malware increased by 358% and ransomware by 435% as compared to 2019.

Read more...
Protecting business from ransomware at the edge
Issue 4 2021 , Cyber Security
It might not always be possible to prevent ransomware from infecting remote networks, however, a robust backup and disaster recovery strategy can get the business back on track if systems are locked down.

Read more...
How safe are our factories?
Issue 5 2021, Wolfpack Information Risk , Industrial (Industry), Cyber Security
In this, the first part of a series on cybersecurity for operational technology, Bryan Baxter asks how safe our factories are from cyber threats.

Read more...
Managing a breach or ‘dirty’ network
Issue 5 2021 , Editor's Choice, Cyber Security
Nasser Bostan, head of security sales, Middle East and Africa, BT, shares BT’s insights gleaned from the SolarWinds incident and offers recommendations for organisations to step up their cybersecurity strategies.

Read more...
Protecting your workforce
Issue 5 2021, J2 Software , Cyber Security
With Workforce Cyber Intelligence, organisations can reduce legal liability by identifying the personal online activities that put the enterprise at risk, while still protecting employee privacy.

Read more...
Can businesses really protect their customers?
Issue 5 2021 , Cyber Security
Cyber-criminals use many methods to extract data from businesses or individuals, but spam remains one of the key means of parting consumers from their cash.

Read more...
USBs threats are back
Issue 4 2021 , Cyber Security
Kaspersky has uncovered a rare, wide-scale advanced persistent threat (APT) campaign; initial infection occurs via spear-phishing emails containing a malicious Word document and can then spread to other hosts through removable USB drives.

Read more...
Incedo consolidates its cybersecurity defence
Issue 4 2021 , Cyber Security
Check Point Software´s end-to-end solution safeguards Incedo and its customers from a global spike in cyberattacks, while reducing costs and increasing productivity.

Read more...
Top 10 security misperceptions
Issue 4 2021 , Cyber Security, Security Services & Risk Management
The Sophos Rapid Response team has compiled a list of the most commonly held security misperceptions they’ve encountered in the last 12 months while neutralising and investigating cyberattacks in a wide range of organisations.

Read more...
Top cybersecurity considerations for SMEs in 2021
Issue 3 2021 , Cyber Security, News
Cisco has published its 2021 SMB Security Outcomes Study, highlighting what SMB leaders are doing to thrive in today's ever-evolving threat landscape, as well as offering actionable insights on where they should focus.

Read more...