Every fifth industrial organisation in the META region turns off their cybersecurity solution if it is affecting production
The new Kaspersky report revealed that 20% of industrial businesses across META tend to switch off their cybersecurity product if it is affecting their production processes or automation systems.
The new Kaspersky report, “Kaspersky ICS Security Survey 2022: The seven keys to improving OT security outcomes”, revealed that 20% of industrial businesses across META tend to switch off their cybersecurity product if it is affecting their production processes or automation systems. Overall, 29% of META organisations face such problems occasionally and another 59% have dealt with these issues at least once. This can all be traced back to compatibility dilemmas.
When implementing security solutions in an operational technology environment, it is vital that organisations strike a balance between security and production continuity. Otherwise, unplanned downtime caused by production interruptions can cost companies up to $260,000 per hour, according to some estimations.
Finding this balance can be challenging and can even lead some companies to switch off their protection. For others, a balance exists but it leans to one side. Most respondents from the META region (80%) prefer changing security settings to find the compromise between security and productivity, while 40% would rather change their production and automation systems to avoid conflict. Globally, 44% of respondents believe the issue lies with the vendor or security provider and prefer to switch providers in order to keep their production processes unaffected.
One possible reason behind companies’ compatibility issues is that their operational technologies (OT) or industrial control systems (ICS) may be out of date and cannot be upgraded. One of the respondents from a high-tech manufacturing firm in North America said: “Our largest issue with our OT and ICS is that the equipment we own isn’t upgradable beyond its current level. The manufacturers don’t offer any type of upgrade to our current systems. We are stuck on outdated platforms that are, and remain, vulnerable.” In fact, according to those surveyed globally and in the META region, it is impossible for the average industrial organisation to update every sixth (16%) endpoint in their OT network.
“In the past asset owners reasonably assumed that the protection and automation systems responsible for the core business processes of an industrial organisation would be left undisturbed throughout the equipment’s lifetime, lasting decades – with the possible exception of occasional settings changes,” says Kirill Naboyshchikov, Business Development Manager, Kaspersky Industrial CyberSecurity. “It was common practice to commission systems as a whole and perform complete retesting and recommissioning if any changes were to be made. However, with the introduction of next generation digital automation systems, there are many instances where this may no longer be the case. Therefore, both general purpose and ultra-specialised computer-based automation systems should be equipped with the following security subsystems and tools and processes: a vendor-approved, holistic and centrally managed protection system; permanent vulnerability monitoring and compliance scanning; network intrusion and anomaly detection; and update, patch management and version control.”
Kaspersky also recommends the following workarounds to not sacrifice OT/ICS protection:
- Adopt essential cybersecurity practices for OT/ICS security, such as network segmentation and access control, and regularly perform security audits or penetration testing to reveal any critical security gaps.
- Improve general security awareness across employees to minimise the risk of attacks due to human error. Boosting security skills across OT engineers with specialised courses can make their protection efforts more effective.
- For industrial control systems (ICS), utilise a threat intelligence service with vulnerability databases, such as Kaspersky Threat Intelligence Portal. This service collects information on vulnerabilities and mitigating measures if patches aren’t yet available or can’t be installed due to process continuity requirements, system certification needs or compatibility issues.
- Choose proven security solutions that have tested integrations with different automation vendors. Kaspersky Industrial CyberSecurity has tested integrations with more than 30 vendors of industrial systems and provides strong protection for OT/ICS networks and nodes.
The full report, “Kaspersky ICS Security Survey 2022: The seven keys to improving OT security outcomes” is available to download here.