Five cybersecurity predictions for 2018

Nozomi Networks listed five ICS security predictions for 2018 such as increased information technology (IT) integration and potential cybersecurity challenges.

By Nozomi Networks November 14, 2017

Nozomi Networks, a provider of real-time cybersecurity and operational visibility into industrial control networks (ICSs), listed their top 5 predictions for ICS security in 2018. The predictions focus on topics such as information technology (IT) integrations and potential cybersecurity issues for companies.

1. ICS-specific malware. Up to now, most malware that have infected ICSs have used Microsoft Windows vulnerabilities or protocols to infect and spread. For example, in 2017, WannaCry, Industroyer and Dragonfly 2 all used the Microsoft Windows protocol, SMB, as a key infection and proliferation mechanism. Malware attacks using operations technology (OT) device software such as programmable logic controllers (PLCs) software.

2. Increased IT integration with ICS systems. The cuffs will come off of Internet connectivity for ICS systems as IT technology is integrated with ICS systems to achieve operational efficiencies. Progressive companies will implement new technologies and procedures necessary to bridge IT and OT and defend their ICS from this source of cyber threats.

3. Artificial intelligence (AI) becomes more mainstream. Companies looking to provide next generation security for their ICSs will turn to AI. Organizations grappling with ICS cybersecurity staffing and skills shortages are turning to AI solutions to achieve security and productivity goals. AI-powered monitoring tools are able to discover breaches automatically and provide information on remediation.

4. ICS cybersecurity skill shortage. This particular skills gap will open the door for vendors to provide full security services. These services will move beyond risk assessments and closer to full service.

5. Security-by-design will improve ICS security. Major companies will increase their demands that security be included in new automation equipment purchases. For example, encrypted software will be required for remote terminal units (RTUs). Cybersecurity certification will also grow and major automation vendors will have their products tested for the ISA Secure certification.

Nozomi Networks

www.nozominetworks.com 

– Edited by Chris Vavra, production editor, Control Engineering, CFE Media, cvavra@cfemedia.com.

ONLINE extra

See more Control Engineering cybersecurity stories linked below.