The need to invest money in new security tools that are adapted to the constantly changing situation exists in many industrial companies. While technical structures for updating systems are usually in place, there is a lack of budgets or personnel to implement them. In this interview, Christian Milde, General Manager DACH at Kaspersky, explains why the topic of IT and OT security needs to become more prominent, especially in these times of increasing cyber attacks.

Are German companies adequately prepared for potential cyber attacks and are their protective measures sufficient?

Milde: Cyber criminals have also been attacking ICS systems (Industrial Control Systems) for years, sometimes using sophisticated methods. This poses an immense challenge for companies, especially at the moment. Many companies were previously reasonably stable to robust when it came to cyber security. However, the industry is facing further challenges as a result of the coronavirus-related lockdown.
New standards for working from home, digitalization and hygiene concepts had to be implemented virtually overnight, while at the same time specific threats, such as phishing, which have been intensified by the pandemic, have increased enormously. However, almost half (46% worldwide) of industrial companies are facing bureaucratic rather than technological obstacles to the rapid implementation of new cybersecurity projects.

According to a Kaspersky study, coronavirus will shift the previous priorities in the area of OT security at more than half of all European industrial companies (53%). New cybersecurity projects are underway in many places and need to be completed as quickly as possible, which is already a particular challenge in the OT environment, even without bureaucratic hurdles. Some companies will inevitably be even more cautious than before, as they will have to face these difficulties with a reduced OT security budget. It is becoming increasingly difficult to get approval for funds and other resources without a clearly defined return on investment (ROI). This also applies to projects for more cyber security.

Regardless of the budget, which three security measures should companies implement to protect themselves from cyber attacks?

© Kaspersky

Milde: If companies do not yet have sufficient practice and experience, ICS security projects should only be implemented step by step. This starts with the establishment of organizational processes and the introduction of simple cyber security measures such as security gateways and endpoint protection. Only then should more complex projects such as network monitoring, intrusion prevention and SIEM be tackled. Industry standards such as ISO and IEC help to organize the methods and can speed up projects. All new OT systems should have built-in cyber security. This simplifies further protective measures and gives the OT security teams involved the opportunity to test new tools on dedicated parts of the infrastructure.

In-house IT security and OT experts need specific ICS security training and all employees should have a basic level of cyber security awareness. This will help to better identify and understand the risks and responsibilities at every point in the organization and increase overall cybersecurity awareness.

All OT components and networks need a reliable cybersecurity solution and trusted partners for implementation. Kaspersky Industrial CyberSecurity offers endpoint protection, network monitoring and ICS expertise. These services include cyber security assessments, incident response and up-to-date information on imminent threats and how to defend against them. The results of the assessments can also simplify the approval of security projects at board level.

Keyword security as a service: Should the manufacturing and process industry consider managed security services?

Milde: Many companies - even large ones - sometimes do not have sufficient in-house manpower and expertise to protect themselves against increasingly intelligent digital threats. This is where external experts - so-called managed service providers (MSPs) - can help to protect their networks from attacks of all kinds. The costs incurred for this are well invested, as the danger of risking large sums of money and lasting damage to one's own brand and the associated loss of reputation as a result of compromises is out of all proportion to the expenditure on high-performance cyber protection.