Outside of critical infrastructure and large global companies, most manufacturers have eyed the need for cybersecurity protection somewhat at arm’s length. They know they need it and they have increasingly been taking serious steps to better protect their systems. In response, the industrial cybersecurity market has generated a lot of helpful information and expanded with the addition of several new companies.
See the Automation World article on how manufacturers and processors are handling calls for greater cybersecurity while still looking to maintain air gaps between their control systems and the outside world.
Eddie Habibi, founder and CEO of PAS—a cybersecurity and asset and operations management technology supplier—recently shared his thoughts on what he called “seven seismic trends” he expects to take place in relation to industrial cybersecurity in 2018.
Disclosing a Critical Infrastructure Cyber Attack Will Be Mandatory
Habibi notes that the lack of a mandate to disclose attacks on corporations “continues to hinder accurate intelligence gathering and the development of targeted defensive strategies against an evolving threat landscape.” He expects the U.S. will follow the European Union’s lead, and that Congress will begin to hold hearings that include mandating disclosures of cyber attacks within certain critical infrastructure industries.
Nation-State Cyber Alliances Will Become the New Norm
As an added step beyond new governmental requirements, such as the mandatory disclosure example listed above, Habibi thinks countries will begin discussing the creation of cybersecurity alliances. “Establishing these alliances will provide mutual defense for all countries involved and will allow for the sharing of intelligence in the face of attributed nation-state attacks, not to mention agreements to not attack each other,” he said. Habibi added that the idea of cyber-physical non-proliferation treaties will begin gaining traction. He said that such treaties will “likely forgo any promise of governmental investigation when non-critical infrastructure companies or individuals are the target of cyberattacks.”
Cybersecurity and Process Safety Will No Longer Operate in Silos
We’ve been covering the integration of IT and operations technology (OT) in industry quite a bit—and for good reason—as this is where the rubber will meet the road in terms of cybersecurity. “The process industries have long depended on technologies, such as Emergency Shutdown and Safe Operating Limit systems, to mitigate and minimize the consequences of a catastrophic incident,” Habibi said. “As these systems take on the dual role of cyber defense, we predict that companies will require tight integration between cybersecurity applications and their operational risk and safety management strategies.”
Companies Will Demand Supply Chain Security
If nothing else causes small to mid-sized manufacturers to take note of their need for greater cybersecurity protections, demands to do so from the companies they supply could be the turning point. Habibi said he expects companies to begin placing greater demands on their suppliers for security certifications and audit reporting. “Cyber supply chain certification requirements will have similarities to process improvement programs, such as Six Sigma, demanding suppliers implement and abide by cybersecurity best practices,” he said.
ICS Will Jump into the Cyber Insurance Game
Habibi noted that, because most operations technologies are “invisible to security personnel, insurance companies have long faced challenges understanding true risk within a facility and will continue to struggle with writing policies specific to these environments.” However, industrial companies that can “gain visibility into all their cyber assets, as well as monitor and mitigate risk, will have better options for insuring the heart of their operations,” he said. To aid this, Habibi expects to see more comprehensive ICS cybersecurity policies offered by insurance companies.
The “Kaspersky Effect” Will Spread
Russia has been in the news so much this past year that you may have missed moves by the U.S. federal government to ban the use of Kaspersky anti-virus software on government systems. The U.S. military was the first to do so, well in advance of other federal agencies. However, Habibi cautioned that Russia should not be our only concern in this area. “Other countries have shown similar nationalistic tendencies, such as China and its recently passed, far-reaching cybersecurity law that requires access to vendor source code,” Habibi said. “We predict that the U.S. Executive Branch will show similar tendencies and direct government agencies to exercise procurement preference for vendors with development and manufacturing in the U.S. or allied countries. Software companies will form a loose coalition to lobby for global standards for protection of intellectual property considering the burgeoning cybersecurity risks.”
Watch the OT Security Market Thin Out
With all the new entrants into this space over the past two years, the thinning of the ranks in this sector is not unexpected. Habibi expects some of these startups will “struggle to gain significant market adoption from industrial companies concerned with business continuity and safety,” he said. “Expect network anomaly detection companies with significant market share in enterprise IT to enter the OT market through acquisitions and alliances, ushering in a new phase of consolidation.”
Look for a feature article from Automation World in February 2018 that will help you make sense of the growing industrial cybersecurity market.