Last week the Biden Administration announced the extension of the Industrial Control Systems (ICS) Cybersecurity Initiative to water and wastewater treatment facilities. ICS across sectors are at risk from targeted cyberattacks, and this is especially true of ICS connected with critical infrastructure, so the announcement comes as no surprise. With more sectors being recognized as critical, the role of ICS cybersecurity in national economies, in addition to the success of businesses, has now come under the scanner.
What is the nature of threats to ICS?
The Colonial Pipeline, JBS Foods, and other high-profile incidents that occurred in the recent past have shown that security risks and attacks connected with ICS are growing.
These are some of the reasons why the threats to ICS are growing:
- Use of legacy systems that cannot be scanned for vulnerabilities or threats. In many such systems, patching is unheard of: some of these devices were manufactured almost three decades ago, and the OEM might have already shut shop
- ICS operation and maintenance practices are not aligned to the cybersecurity practices that are being currently followed in many organizations
- Often there is no dedicated team managing the cybersecurity needs of ICS and the IT security team is tasked with securing them. The IT teams may not be trained to secure such systems
- OT and ICS systems were purpose-built to serve specific needs and nothing more, so getting them to accommodate security in their day-to-day function is near impossible
- Partial automation in some instances has led to newer security concerns
- Lack of visibility into the functioning of these systems has proven to be a significant barrier
What can be done to secure ICS?
Rising breaches in ICS and OT systems have made cybersecurity teams sit up and take notice of the security gaps emerging from these systems. Thus, attempts are being made to launch programs to secure them and to contain threats and risks to such systems.
These are the steps that Sectrio proposes to businesses and governments that wish to secure their ICS:
- Access management: to ensure physical and digital security in systems that are fully or partially automated
- Inventory management: know how many ICS systems there are and exactly what each component does
- Threat detection and neutralization: curb malicious activity at all levels
- Vendor management: work with vendors to improve ICS security wherever possible
- Risk reduction: go for ICS security solutions that improve ICS and OT cybersecurity without creating any significant disruption
- Micro segmentation: segment networks and infrastructure into manageable bits and evolve and deploy micro security policies that can be better administered
- Security audits: develop and apply unique security policies and procedures that are custom-developed for the control system network and its devices. This will also help sensitize security teams and other stakeholders to the need to pay attention to OT and ICS security
- Vulnerability assessment: periodic assessment of vulnerabilities at all levels should help plug gaps
- Security of data transfers: data transfer across networks should be done securely and with adequate authentication
- Deploy workflow improvements to enhance security and operational transparency