{"id":16941,"date":"2021-10-04T10:02:03","date_gmt":"2021-10-04T09:02:03","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=16941"},"modified":"2021-10-04T10:12:52","modified_gmt":"2021-10-04T09:12:52","slug":"what-are-the-trends-and-challenges-in-industrial-cybersecurity-in-2021","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2021\/10\/what-are-the-trends-and-challenges-in-industrial-cybersecurity-in-2021\/","title":{"rendered":"What are the trends and challenges in industrial cybersecurity in 2021?"},"content":{"rendered":"\n

This first edition of Wavestone’s Industrial Control Systems (ICS) Cybersecurity Radar comes at a very special time. On one hand, the health and economic crisis context is considerably weakening the companies that manage critical infrastructures. On the other hand, the cyber threat is increasing, with ransomware affecting critical systems more and more often. It is no longer enough to ask the question of how to prevent cyber-attacks: one must also plan how to react in case of a crisis, how to quickly isolate a critical industrial system and how to quickly restore a compromised system.<\/span><\/p>\n

In this article, we expose our vision of the market and the maturity of cybersecurity for industrial information systems (IS), as well as our convictions and analysis on the subject.<\/span><\/p>\n

What is the state of the threat to industrial information systems?<\/span><\/h2>\n

In 2011, the cybersecurity of industrial information systems, suddenly came to the forefront with the Stuxnet attack and the discovery of a state level threat against Operational Technologies (OT). For a decade, Advanced Persistent Threats (APTs) were considered the biggest threat to industrial system security, through impressive and complex attacks, such as the series of “Black Energy” attacks against the Ukrainian power grid between 2007 and 2014, or the “Triton” attack against the safety systems of a chemical plant in Saudi Arabia in 2017.<\/span><\/p>\n

However, the Snake\/EKANS case in 2020 allows us to point out a trend that has been continuously increasing for the past few years: the appearance of ransomware in ICS. These ransomwares are the result of opportunistic attacks on vulnerable systems or are side effects of attacks targeting the corporate IS, as in the case of Colonial Pipeline in May 2021.<\/span><\/p>\n

With the ransomware business model becoming sustainable on one hand, and the emergence of increasingly connected industrial IS on the other hand, it is realistic to expect a large increase in opportunistic attacks and ransomware side effects on industrial information systems.<\/span><\/p>\n

Faced with an increasing threat, companies must implement cybersecurity measures on industrial systems and define coherent strategic goals, but this requires a real investment. Therefore, we have worked on listing ICS cybersecurity domains and the solutions to secure them. This radar is not exhaustive, but it aims to clarify the topic by giving a high-level vision. <\/span><\/p>\n

\"\" \"\"<\/span><\/p>\n

\u00a0<\/h2>\n

Methodology<\/span><\/h2>\n

For five months<\/b>, this radar was built with five experts <\/b>in cybersecurity of Industrial IS, in addition to the hundred consultants of Wavestone’s industrial cybersecurity offer.<\/span><\/p>\n

This radar has two parts (we will call them dials): one is presenting cybersecurity products<\/b> specialized in industrial IS and the other is presenting the different domains<\/b> of industrial IS cybersecurity, sorted by maturity level.<\/span><\/p>\n

Industrial cybersecurity products<\/b> are identified as such according to the following criteria:<\/span><\/p>\n