Nozomi Networks, a company that provides real-time cybersecurity and operational visibility into Industrial Control Networks has comprised the top 5 predictions for ICS Security in 2018 Edgard Capdevielle, CEO at Nozomi Networks outlines the 5:
Edgard Capdevielle, CEO at Nozomi Networks:
1. ICS Malware Moves Beyond Windows Exploits to ICS-Specific Malware. Up to now, most malware that has infected ICS have used Windows vulnerabilities or protocols to infect and spread. For example, in 2017, WannaCry, Industroyer and Dragonfly 2 all used the Windows protocol, SMB, as a key infection and proliferation mechanism. Malware attacks using OT device software, for example PLC software, will start to occur adding to the sea of Windows-dependent attacks.
2.The cuffs will come off of Internet connectivity for ICS systems as IT technology is increasingly integrated with ICS systems to achieve operational efficiencies. Progressive companies will implement new technologies and procedures necessary to not only bridge IT and OT, but also to defend their ICS from this source of cyber threats.
3. Artificial intelligence becomes more mainstream for ICS systems to provide next generation security to fight cyber threats. Organizations grappling with ICS cybersecurity staffing and skills shortages are turning to AI solutions to achieve security and productivity goals. AI powered monitoring tools are now able to discover breaches automatically and provide information on remediation.
4. The shortage of ICS cybersecurity skills will open the door for vendors to provide full security services. These services will move beyond risk assessments to become more full service.
5. Security-by-Design will start to Improve ICS Security. Major companies will increase their demands that security be included in new automation equipment purchases. For example, requiring that RTUs have encrypted software. Cybersecurity certification will also rapidly grow and major automation vendors will have their products tested for the ISA Secure certification.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.