Today, industry faces cyber threats that are constantly evolving. The growing use of IT applications in the OT environment is enlarging digital footprints, at the cost of increasing exposure to cyberattack. Effective industrial cybersecurity requires a holistic approach.
Andrew Avanessian is a vice president at security software company Avecto. For him, cybercrime is now the biggest threat facing industrial companies.
The complex supply chains often associated with the industrial sector provide cybercriminals with a multitude of hiding places and easy access to the corporate system.
With the threat of data theft and distributed denials of service, ransomware and malware attacks on the rise, Juniper Research predicts the cost of industrial cybercrime will reach US$2 trillion by 2019. Cybersecurity Ventures expects the figure to climb to US$6 trillion by 2021.
A 2016 survey by analytical service provider HfS Research polled 208 security professionals at companies with over 500 employees. Over half the respondents had experienced data theft or corruption by external cybercriminals. Jamie Snowdon, chief data officer at HfS explains:
Cybercrime is real and the risk for industry is much greater than it was five years ago. It is increasingly hard to keep pace with the variety of cybersecurity threats out there.
Threat Development
The rise of big data, mobile computing and the IoT is revolutionizing how industrial companies operate. Unfortunately, a huge number of mobile and IoT devices are vulnerable to cyberattack. Guy Rosefelt, web security expert at security solution provider NSFOCUS, explains:
The vast majority of IoT devices have poor security because the software these devices run was never designed with security in mind.
The IoT cybersecurity threat came to prominence last year with the attack on Dyn, a company that controls much of the internet’s domain name system. The botnet, a network of private computers infected with malicious software involved in the attack, was largely made up of IoT devices such as digital cameras and DVRs. For Adam Meyer, chief security strategist at cyber threat solution provider SurfWatch Labs, 2017 will witness increasingly creative IoT attacks.
Vendors will work in new security precautions, but cybercriminals will focus their attention on new ways to leverage IoT devices for their own malicious purposes.
Ransomware, a breed of malware that has so far concentrated on locking down access to data, carved itself a niche as one of the main cybersecurity threats of 2016. [Read our special feature Could Hackers Hold Industrial Controls for Ransom?].
Good Cybersecurity Starts at Home
A growing number of companies are now taking steps to boost their cybersecurity, but more is needed. The combination of an inadequate regulatory environment, a lack of awareness and poor IT/OT segmentation means many industrial facilities are still highly exposed to attack, adds Meyer.
A lot of industrial organizations have infrastructure that has been in place for a long time. It’s a real challenge to pivot towards the new reality of today’s cyber threats.
For all industrial sectors, effective organizational cybersecurity is about understanding the company’s operating environment and proactively looking for new and existing threats. Whether it’s being victimized by phishing attacks or the use of unprotected mobile phones with access to enterprise data and networks, humans are generally accepted to be the weakest link in any cybersecurity system.
Poor organizational cybersecurity culture coupled with poor user awareness of cyber threats are the two greatest insider risks to most companies. These are also the cheapest problems to put right and can yield the greatest improvements.
Avecto’s Microsoft Vulnerabilities Report 2016 revealed that 94% of critical Microsoft vulnerabilities were mitigated by simply removing admin rights. Assigning user privileges means that employees are only given access to the applications needed to perform their jobs. Avecto’s Avanessian says:
This technology should be layered with application whitelisting, which ensures that only trusted programs can launch, and content isolation solutions, which keep any potentially malicious online content separate from the corporate system.
Taking a proactive approach to cybersecurity invariably impacts the bottom line. But in the face of intensifying cyber threats, the cost of doing nothing makes action imperative. For HfS Research’s Snowdon,
Companies must adopt a holistic approach to cyber risk mitigation. This should include cybersecurity talent and training, robust testing systems and a budget and finance rethink.
