Industrial Defender (www.industrialdefender.com), Foxborough, Mass.-based supplier of security and compliance management for automation systems, announced the results of a global survey of critical infrastructure operators on Dec. 14.
Survey results show that while critical infrastructure operators hold great responsibility for managing security, compliance and operations, many struggle to balance the resources required for each of these functions. In addition, while these individuals identify overlapping needs across security, compliance and operations, most have a constrained ability to address these requirements in any unified manner.
“There’s lots of attention being paid lately to the risks that cyber attacks pose to critical infrastructure,” said Brian Ahern, president and CEO of Industrial Defender. “Last year, the Stuxnet worm escalated the discussion about these threats to the boardroom. More recent developments have only increased concern among industry executives. Just last month, for example, the FBI disclosed that cyber attackers accessed the critical infrastructure of three U.S. cities by compromising their industrial control systems. Rather than focus on breaches, our survey was designed to go deeper, to help us gain a better understanding of the specific, real-world challenges that operators face today in managing security, compliance and operations in their complex environments.”
This survey identified several trends that are impacting critical infrastructure managers and operators around the world. Following are some of the findings:
--> The relationship between industrial operations and corporate IT is clearly growing in complexity.
--> Corporate managers and ICS professionals hold very different views about how automation environments will evolve in the future.
--> While many ICS professionals report that their official responsibilities have expanded to include managing security and compliance, their reported day-to-day activities do not reflect this change.
--> Similar management requirements exist across security, compliance and operational functions in the complex automation environments that exist within critical infrastructure.
--> Today, many infrastructure operators are constrained in their ability to effectively manage their overlapping security, compliance and operational requirements.
Sample Data Points
As industrial control systems become more complex, connectivity with the corporate environment will grow.
Shrinking air gaps: 71% percent of respondents expect either significant or moderate increases in connectivity between industrial endpoints and corporate IT infrastructure over the next 3-5 years.
Explosive growth in industrial endpoints: 23% percent or respondents expect a doubling – or more – of the numbers of industrial endpoints over the next 3-5 years.
It’s a difficult balancing act to manage and prioritize growing responsibilities in operations, security and compliance.
Responsibilities widening: Most respondents hold meaningful (“primary” or “significant”) responsibility for all three functions: security, compliance and operational management.
Time committed to each function: Responses indicate that balancing priorities is a struggle, for these individuals. Nearly three quarters of respondents said they spend less than 25% percent of their time per month dedicated to managing security. 81% spend less than 25% of their time on compliance/audit management; 45% spend less than one-quarter of time on operational management.
Commonalities exist across the activities required to support security, compliance and operational management. The survey evaluated the role of several key activities, including: monitoring critical system performance and health, identifying events and changes collecting and managing configuration data managing industrial asset data; tracking and validating changes; and managing incidents and problems.
Role in security, compliance and operational management: Respondents agree the activities listed above were key to managing security, compliance and operations. More than half believed all of these are “extremely” or “very important.”
Current constraints in managing security, compliance and operations: Although respondents cited these activities are important, many reported they currently have weak abilities to execute on these functions. Challenges are even more evident when respondents considered their ability to take these actions in a unified fashion across their overall ICS environment.
Industrial Defender’s survey was conducted online between November 3 and November 18, 2011. The survey polled 134 individuals employed by critical infrastructure operators with responsibility for managing security, compliance and/or operations within industrial automation environments.
To download a copy of the full report, go to www.industrialdefender.com/icsreport/ICSurveyReport.pdf