Two Reasons for the ICS Cyber Security Deficiency

Two Reasons for the ICS Cyber Security Deficiency

When it comes to industrial cyber security; governments know they need to improve it, industry knows it needs to better understand it and system integrators / automation vendors know they need to offer it. If you fall within any of these categories, ask yourself “What’s your industrial cyber security strategy for 2017?”

The truth is that while the need for cyber security is very apparent, enterprise and industrial networks alike are still often managed without a cohesive security strategy. And, even after many years of being an acknowledged problem, integrated solutions are not in sight. What’s the reason? Well first and foremost is a lack of expertise in the workforce. Secondly, today’s technologies have focused on modularized solutions for either the enterprise network, or the industrial environment; without paying attention to the integration between the two.

Problem #1: “Want a Job? Look No Further than Cyber Security.”

In a notable article from Forbes, the reason for the cyber security deficiency is largely attributed to a general expertise shortage of skilled workforce. According to the article there were more than 209,000 unfilled cyber security jobs in the U.S. in 2016; up 75% from 2015. When looked at globally, that number is greater than one million. With the huge demand for cyber security professionals, even the world’s largest banks, energy companies, and governments can’t seem to find them.

Forbes also states that despite the high unmet demand for cyber security talent, the market for cyber security solutions is expected to continue its growth from $75 billion in 2015 to $170 billion by 2020. All sectors of the economy will have to find innovative ways to scale the expertise of their limited workforces to bring security to extensively connected systems, operations and networks. Innovative cyber tools must lead the way by automating learning of baseline behaviors, network monitoring, and cyber security management so that few may do the work of many, for both corporate and Industrial Control System (ICS) security.

Problem #2: “OT or IT? Siloed Cyber Security Doesn’t Work.”

While the staggering number of unfilled jobs mentioned in the Forbes article the numbers speak for themselves, technology is partially to blame for the cyber security deficiency that many companies and governments face today. This is especially true in non-enterprise sectors such as utilities, oil and gas and industrial manufacturing.

In my career in both industrial and enterprise networking, I have had the privilege (and pain) of seeing cyber security addressed from two divergent spaces. From both directions, cyber security has been shortsighted by an approach that limits the focus to the reach of each group’s network domains. The reason for this shortcoming is that both the industrial automation space (OT) and the enterprise software space (IT) are being forced to connect with one another in terms of solutions delivery, operations management and customer outreach; but security integration has not always followed suit.

Automation and Integration are the Keys to Effective Cyber Security

As the backbone of critical infrastructure, ICSs are ubiquitous in all industries including transportation, water/wastewater, energy and many more. With this said, threat management needs to scale to endpoints throughout the industrial network – such as sensors, PLCs, data loggers and HMIs. Furthermore, as the use of desktops, laptops, tablets and smartphones have come into play, the reach of the ICS domain has grown rapidly. A solution that combines automated anomalous detection of ICS security issues, along with proactive threat remediation and containment, is required if security is to scale beyond the OT / IT divide.

When it comes to cyber security, less attention needs to be paid to the categorization of OT vs. IT, and more on holistic integration between the two. Leaving ICS without highly-scalable, automated, real-time cyber security visibility means that many of our largest industries and government services will continue to be vulnerable to cyber threats.

The good news is that innovative ICS cyber security solutions exist that help reduce the cyber security labor gap by using automated Machine Learning and rapid evaluation of data using Artificial Intelligence. Such tools meet the unique needs of securing industrial networks and processes yet integrate with IT security infrastructure to bridge the OT/IT divide.

When looking for ways to secure industrial networks be sure to seek solutions that address the ICS cyber security deficit by reducing manual work, simplifying security processes and integrating with your organization’s overall security systems.