Partnership with a solution provider may be the key

Most companies are not compliant with mandatory industry or governmental guidance and regulations relating to their cybersecurity practices. In fact, only 23% of companies who participated in a 2018 Kaspersky study report that they meet the standards. [1]

Even further, 56% of companies say they will increase their cybersecurity budgets in the next year due to potential incidents and risks associated with their current infrastructure and policies. [1]

One of the first investments your organization can make is to perform a Cyber Criticality Assessment. A Cyber Criticality Assessment is a process that allows organizations to identify general threats, determine the worst-case impact, whether it’s Financial, Safety, Health, Environmental, or otherwise, of devices/software becoming unavailable, unreliable, or compromised. The assessment process includes a survey, a vulnerability assessment, and a risk assessment to allow your organization to determine the severity of the consequences should a device or network not perform as intended.

There are key benefits to inviting a professionally certified, expert third-party team to perform your cybersecurity assessment.

1. Unbiased approach to your system.

Third-Party Assessment teams do not represent any hardware or software manufactures. This enables them to take an unbiased approach to your system. While internal teams may have critical knowledge of your control system and may have even designed it, third-party assessors can see both macro and micro-levels of your control system. They will see gaps in a system that internal teams can miss.

This is doubly important when it comes to Operational Technology (OT) and Industrial Control Systems (ICS) because all control system manufacturers have their own products and solutions for implementation. An unbiased third-party assessment team, especially one with a deep understanding of OT systems can connect manufacturer solutions with industry best-practices for solutions that fit your requirements.

2. Cybersecurity experts with the necessary background are difficult, if not impossible, to find.

The cybersecurity industry is expanding and growing at an astounding rate, and the demand for qualified and experienced professionals is fierce. Even when they can’t find qualified professionals to hire, many companies are still hesitant to hire outside help. According to a Kaspersky study released in 2018, 92% of companies who participated in the Kaspersky study prefer to maintain in-house OT and ICS cybersecurity personnel [1]. At the same time, 58% percent of companies find it difficult to find and hire employees with the necessary skills to address their organization’s OT/ICS cybersecurity challenges [1].

• Is your company in a position to contribute resources to compete in the cybersecurity hiring market?
• Is your company willing to be responsible for the cost of ongoing training, specialization, and other costs that come with hiring full-time personnel?
• Does your company have the time and capacity to invest in a ground-up OT/ICS cybersecurity program from within?

If not, consider working with a third-party OT/ICS cybersecurity team who has the expertise and personnel to do the bulk of the work for you.

3. IT vs. OT – It’s not a competition, it’s a complementary approach.

Cooperation and collaboration between OT and Information Technology (IT) is critical for your company’s complete, comprehensive cybersecurity investment. But does your IT team have OT knowledge and expertise?

A third-party assessment team with an OT/ICS background can connect manufacturer products and solutions with industry best-practices and methodologies that meet your requirements. They fill in the OT knowledge gaps that your IT team may lack. For example, assessors with OT backgrounds can provide insight on which control hardware your system uses that meet ISASecure® standards [2]. This is especially critical if your control system uses hardware and software from many different manufacturers.

A top-rated cybersecurity team with both IT and OT backgrounds can help to ensure that your cybersecurity assessment includes all aspects of your control system and business networks while working with your already-established IT team.

If you’re interested in learning more about Cybersecurity System Assessments for your system and establishing a strong foundation for your company’s cybersecurity policies and procedures, click here to reach out to Champion’s team of cybersecurity experts.

[1] Kaspersky, “2018-Kaspersky-ICS-Whitepaper.pdf,” 2019. [Online]. Available: https://ics.kaspersky.com/media/2018-Kaspersky-ICS-Whitepaper.pdf

[2] ISA, [Online]. Available: https://www.isasecure.org/en-US/Certification

Savoy Stewart, “firms-investment-on-cyber-security-by-industry,” [Online]. Available: https://www.savoystewart.co.uk/blog/firms-investment-on-cyber-security-by-industry

A number of studies have found that untrained employees are the biggest threat to an organization’s network security. A study[1] by ESI ThoughtLab found that 87% of executives are aware of this fact. Consequently, companies of all industries and sizes are now putting more focus on preventing (or minimizing) attacks by investing in training for employees using Operational Technology (OT) systems including Industrial Control Systems.

Common Pitfalls

• Operators accidentally click on a link in a phishing email from an operator station
• Poor credential management: Allowing unrestricted access to system areas or functions that are not needed for an operator’s job role
• Incident preparedness: No incident response program. What if something did happen? Is there a well-prepared plan in place
• User’s credentials are not removed from system when leaving the company.

Mitigation through Cybersecurity

Even trained employees are human. The good news is many weak links can be prevented by improving the security of your ICS network.

Champion’s Certified Cybersecurity Experts are trained in the latest ISA/IEC 62443 and NIST standards for Industrial Cybersecurity. This means you benefit from the most current, comprehensive safeguards for your operations.

Industrial Cybersecurity is an ongoing cycle of assessing vulnerabilities, implementing solutions, and maintaining secure operations without production downtime.

Champion can help you by providing Vulnerability & Risk Assessments of your current network, then offer System Hardening and Configuration to mitigate risks. We can also help you in developing Cybersecurity Policies and Procedures, implementing best practices, and recovery steps for incident response in the event of an attack. We can even host a complete backup of your control system to get you up and running with little or no downtime, should a major disaster strike.

Lastly, as your Cybersecurity Experts, Champion can maintain a secure live Intrusion Detection & System Recovery Systems, Investigate Incidents, and provide a comprehensive incident response plan that fits your needs.

[1] Source: https://www.controleng.com/articles/untrained-staff-is-the-biggest-cyber-risk-according-to-report/

Source: https://www.exida.com/Blog/cyberattacks-succeed-where-humans-and-systems-are-weak