Kaspersky: The dilemma that concerns businesses

Three out of ten (30%) businesses choose to disable the cybersecurity program in case their production processes or automation systems are affected, according to Kaspersky’s new report “Kaspersky ICS Security Survey 2022: The seven key to improve OT security outcomes.” Overall, 38% of organisations occasionally face such problems, while 43% have experienced these issues at least once. Behind these obstacles are issues of compatibility.

When implementing safety solutions in an operational technological environment, it is vital that organizations strike a balance between safety and continuity of production. Otherwise, unplanned downtime caused by production outages can cost businesses up to 260,000 dollars per hour, according to some estimates.

Finding this balance can be challenging and can even lead some companies to cut off their protection. For some, a form of balance is achieved, which nevertheless tends to one side.

Most respondents (65%) prefer to change their production and automation systems in order to avoid such dilemmas, while 59% would prefer to change the company’s digital security settings. A further 44% believe that the issue lies with the supplier or security provider and prefers to change software in order to keep its production processes unaffected.

A possible explanation for the compatibility issues that may arise lies in the operational technologies (OT) of enterprises or industrial control systems (ICS), which may be outdated and cannot be upgraded. One of the respondents from a high-tech manufacturing company in North America said: “Our biggest problem with OT and ICS is that the equipment we have is not upgradeable beyond its current level. Manufacturers do not offer any kind of upgrade to our current systems. So, we are clinging to outdated platforms that are and remain vulnerable.” In fact, according to respondents, it is impossible for the average industrial organisation to update one in six (16%) endpoints on its OT network.

“In the past, asset owners reasonably assumed that the protection and automation systems responsible for an organization’s core business processes would remain unaffected throughout the life of the equipment, that is, for a few decades – with the possible exception being just some occasional regulatory changes,” said Kirill Naboyshchikov, Director of Business Development at Kaspersky Industrial CyberSecurity.

Kaspersky also recommends the following solutions to avoid having to sacrifice OT/ICS protection.

First, adopt basic cybersecurity practices for OT/ICS security, such as network segmentation and access control, and regularly conduct security checks or penetration tests to uncover any critical security gaps.

Second, improve workers’ general safety awareness to minimise the risk of attacks due to human error. Enhancing safety skills in OT engineers through specialized courses can make their work more effective.

Also, for industrial control systems (ICS), use a threat intelligence service with vulnerability databases, such as the Kaspersky Threat Intelligence Portal. This service collects information about vulnerabilities and smoothing measures in case upgrades are not yet available or cannot be installed due to process continuity requirements, system certification needs, or compatibility issues.

Finally, choose proven security solutions that have tested integrations with different automation vendors. Kaspersky Industrial CyberSecurity has conducted tests with more than 30 suppliers of industrial systems and provides strong protection for OT/ICS networks and nodes.