Kaspersky: the state of industrial cybersecurity in 2020

By Paddy Smith
Looking into Kaspersky’s survey on the state of industrial cybersecurity, organisational priorities and the challenges faced in tech across industries...

For Kaspersky, 2020 was a special year for surveying; the COVID-19 pandemic and subsequent industry lockdowns opened up industrial cybersecurity for brand new challenges that it hadn’t previously faced. Some existing cybersecurity methods were strained, and industry experts have been quick to identify the majority of weak points exposed. Many industrial companies now have a very simple, but vital question: ‘How must the cybersecurity maturity model be adapted to provide effective protection in the digital age?’

The Key Findings Of The Report

The report also brings to light the question of how industrial control systems (ICS) cybersecurity drivers dealt with threat challenges during the pandemic. This has been brought up because ICS and the automation components used within them haven’t ever been considered as a security risk historically; any faults found were often related to defects in the hardware and software. However, as the world becomes increasingly digital, and the Internet of Things (IoT) interconnects more and more components, physical assets can now be targeted for manipulation, and even destruction by cyberattacks and criminal organisations─who are ceasing this development as an opportunity to exploit ICS as a business model. 

With that in mind, Kaspersky suggests that it is time for industrial control system users to invest in with “new, modern security methods to detect attacks and initiate countermeasures”. 

As we already know, the majority of businesses have changed the way that they operate during the pandemic ─ primarily, to a ‘work from home’ format. According to the report, 53% of respondents have been operating with a remote workforce, which was a stress test for cybersecurity processes. Due to this, 14% revised their cybersecurity concepts, and only 7% found that their existing models and strategies were up to the task of protecting their remote workers. For those who didn’t have sufficient cybersecurity plans, they realised that “they need to supplement [the] procedures during exceptional circumstances.” 

ICS Cybersecurity Drivers

Due to the complexity of ICS, in the majority of organisations today, all budgets are decided by interdisciplinary teams. Kaspersky advises that the “best way to find suitable protection measures is to consult experts from different fields”, including specialists in IT, ICS, safety, and production. 67% of the respondents reported that a team of experts akin to this is growing increasingly popular and influential in the decision-making process surrounding cybersecurity in their own firms. 

Many of the companies involved in the report stated that they “expect certain benefits from digitisation”, including improved efficiency in the workplace. This is to be expected, given that human and tech augmentation is explicitly designed to up the ante, and it’s entirely plausible. However, as interconnected devices influence the operational technology (OT) topology, the ICS cybersecurity maturity models that they rely on need to be updated too. “55% of respondents confirmed that their OT networks are checked for security issues at least once a year or more often”, while 44% focus on cybersecurity initiatives daily during their digital transformations. 

These figures suggest that the important principles for basic cybersecurity protection are pretty much in place, but that there still needs to be a degree of education and implementation over the coming years, to ensure that all industrial organisations have sufficient cybersecurity to ward off any potential threats in an increasingly dangerous world.  


Featured Articles

Cloud & 5G - Day 1 highlights from the in-person stage

TECH LIVE LONDON returned to the Tobacco Dock last week. The stage host and Technology Magazine Editor in Chief, Alex Tuck, discusses the key themes

TECH LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at some of the highlights of our final day at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

TECH LIVE LONDON: Begins tomorrow at 10am!

Digital Transformation

Executive Q&A: Marc Lueck, CISO EMEA, Zscaler

Cloud & Cybersecurity

TECH LIVE LONDON: Registering, networking and logistics

Digital Transformation