Every third industrial organization turns off their cybersecurity solution if it is affecting production

The new Kaspersky report, “Kaspersky ICS Security Survey 2022: The seven keys to improving OT security outcomes,” revealed that 30% of industrial businesses tend to switch off their cybersecurity product if it is affecting their production processes or automation systems. Overall, 38% of organizations face such problems occasionally and another 43% have dealt with these issues at least once. This can all be traced back to compatibility dilemmas.

When implementing security solutions in an operational technology environment, it is vital that organizations strike a balance between security and production continuity. Otherwise, unplanned downtime caused by production interruptions can cost companies up to $260,000 per hour, according to some estimates.

Finding this balance can be challenging and can even lead some companies to switch off their protection. For others, a balance exists but it leans to one side. Most respondents (65%) prefer changing their production and automation systems to avoid conflict, while 59% would rather change their cybersecurity settings. Another 44% believe the issue lies with the vendor or security provider and prefer to switch providers in order to keep their production processes unaffected.

One possible reason behind companies’ compatibility issues is that their operational technologies (OT) or industrial control systems (ICS) may be out of date and cannot be upgraded. One of the respondents from a high-tech manufacturing firm in North America said: “Our largest issue with our OT and ICS is that the equipment we own isn’t upgradable beyond its current level. The manufacturers don’t offer any type of upgrade to our current systems. We are stuck on outdated platforms that are, and remain, vulnerable”. In fact, according to those surveyed, it is impossible for the average industrial organization to update every sixth (16%) endpoint in their OT network.

“In the past asset owners reasonably assumed that the protection and automation systems responsible for the core business processes of an industrial organization would be left undisturbed throughout the equipment’s lifetime, lasting decades – with the possible exception of occasional settings changes,” says Kirill Naboyshchikov, Business Development Manager, Kaspersky Industrial CyberSecurity. “It was common practice to commission systems as a whole and perform complete retesting and recommissioning if any changes were to be made. However, with the introduction of next generation digital automation systems, there are many instances where this may no longer be the case. Therefore, both general purpose and ultra-specialized computer-based automation systems should be equipped with the following security subsystems and tools and processes: a vendor-approved, holistic and centrally managed protection system; permanent vulnerability monitoring and compliance scanning; network intrusion and anomaly detection; and update, patch management and version control.”
