In a move aimed at managing industrial cyber risks and protecting the continuity and integrity of technological processes in industrial environments, security giant Kaspersky Lab has debuted a specialised solution to secure critical infrastructure and industrial facilities: Kaspersky Industrial CyberSecurity.
Kaspersky says this is vital as in these environments virtual threats have the potential to cross the boundaries of cyberspace and target field-level equipment, threatening both nature and human lives.
According to the company, it delivers a unified, holistic approach to IT security for industrial facilities, combining the company's leading technologies, services and intelligence in one package.
Information technologies and process automation systems are core to the operation of all modern industrial facilities - from power plants, refineries and assembly lines to railways, airports and smart buildings. However, where corporate IT networks view confidentiality as the top priority, industrial control systems (ICS) are dependent on faultless continuity and consistency of the technological process.
"Strict regulation and compliance can lead to unprotected operating of critical facilities if the cyber security measures do not meet safety requirements," says Kaspersky. "The new solution takes all these unique requirements into account and delivers protection to the ICS network at the layers most vulnerable to cyber attacks - ICS/SCADA servers, HMI panels, engineering workstations, PLCs and more - securing them from cyber threats without affecting operational continuity and consistency of the technological process."
The company's co-founder and CEO, Eugene Kaspersky, says the cyber security of industrial systems and critical infrastructures is of vital importance. A growing number of these systems are using devices and channels that interact with the outside world. "Sometimes they use equipment that was never intended for external access, not to mention software that was created decades ago and has not been upgraded since."
He says the issue is serious because over and above the continuity of the production process being at stake, the environment and even human lives can be at risk. "Our solution is capable of ensuring the cyber security of the technology cycle at all levels of automated process control. We are also actively co-operating with manufacturers of automation systems in order to develop equipment that takes new cyber security standards and requirements into consideration."
The product boasts a mixture of conventional security technologies, adapted for an ICS environment. These include anti-malware protection, whitelisting and vulnerability assessment functionality. Added to this mix, are several technologies designed specifically for industrial environments, including Integrity check for PLC programs, Semantic monitoring of process control commands and telemetry data to detect cyber attacks targeting physical part of an infrastructure.
In addition, an Observability Mode is focused on the detection of cyber attacks, operation personnel faults and anomalies inside industrial network. The various technology components are managed via a single centralised management console.
Kaspersky Industrial CyberSecurity also helps infrastructure operators build efficient security strategies that involve more than just threat detection and prevention, by adding specialised security services to develop incident response and prediction capabilities. These include industrial cyber security training for IT security professionals and awareness programmes for general staff.
Other services also include Cyber Security assessment and Penetration Testing which enable clients to boost their own intelligence, manifest the most critical vulnerabilities, including zero-day, and predict cyber threats relevant to the company's specific industrial assets and technological processes. Moreover, Incident Response services help to localise the intrusion, mitigate consequences, stop attackers from penetrating further into the infrastructure, prevent subsequent attacks on a comp?ny and develop incident response plan for the future.
The settings on the new product are highly customisable meaning it can be configured in strict accordance with the requirements of different industries, facilities and production lines, allowing the product to be effectively integrated into an entitiy's current ICS network and processes without the need for any major modifications.
The solution has been successfully piloted and integrated in a number of projects, including at the VARS petrochemical terminal and TANECO oil refinery giant.
Share