Cybersecurity Viewpoints

Standards committees and other industry groups have developed and promoted several conceptual models that describe a stepwise approach to cybersecurity for industrial control systems (ICS).  These models address the people, process, and technology elements of the cybersecurity response.

DHS recently held several webinars in the wake of its March announcement regarding Russian state-sponsored hacking group Energetic Bear/Dragonfly on utilities and critical infrastructure installations in the US.  The webinar focused on some of the more interesting and unique aspects of these recent attacks plus some countermeasures that end users can implement right now that can greatly reduce the likelihood of future attacks. 

Cisco is planning to buy Duo Security, a company that provides enterprises with secure multi-factor authentication services, for $2.35 billion, the two companies announced.

AVEVA signed a partnership agreement with Virsec, a provider of advanced cybersecurity technologies.

After its inaugural outing last year, the Industry of Things World Asia event, organized by Berlin based we.CONECT, and a companion conference to the company’s Industry of Things World shows in Germany (Berlin) and the US (Orlando and San Diego), made a return to Singapore this July. As the name implies, Industry of Things World focuses firmly on the industrial strand of IoT, differentiating it from other more general IoT events and making it more than a little relevant for ARC Advisory Group, which this year was the chair for the two-day main conference session.

The announcement in March and these recent statements about cybersecurity should be a call to action for end users in the utilities, critical infrastructure, industrial, and smart cities sectors.  

Smart city cybersecurity, however, is rarely discussed.

Smart city cybersecurity, however, is rarely discussed.

As awareness of potential cyber threats has grown over the past decade, asset owners in many critical infrastructure sectors now recognize the need to better secure their automation systems.

Convergence has obvious implications for cybersecurity. OT’s focus on non-stop operations and eliminating unscheduled downtime is raising the cybersecurity issue on the IT side, and increased data from IT is raising the same issue on the OT side. Each organization’s behavior is driven by what they value, how they think, and how they are rewarded.