Why hold conferences on industrial cybersecurity? Primarily, to give a variety of participants a chance to meet, discuss common issues, and try to find solutions. The key word is “variety” — conference attendees include critical infrastructure operators, automation tool manufacturers, and security experts, to name a few. Yet it’s not without reason that our yearly industrial cybersecurity conference targets not only techies, but businesses as well. This helps participants grasp the wider market picture, see how it’s changing, and analyze trends.
Kaspersky Lab’s recent Fifth Industrial Cybersecurity Conference showed that the industrial cybersecurity market has reached maturity. Previously, the main problem was that market players spoke different languages: Industrialists were unaware of the risks and threats posed by the digital world, industrial systems manufacturers tried to manage on their own, and both sides turned a deaf ear to the opinions of information security experts. Not anymore.
These days, conversations do not begin with a warning that cyberthreats can damage an industrial enterprise, but with a focused discussion of risks — and not only risks to the production process, but risks to the environment and the company’s reputation.
Quite a few speeches were devoted to risk management, which can be said to be a new trend in industrial cybersecurity. In an attempt to hedge against large-scale cyberattacks, companies are turning to insurance firms. Some of those firms were represented at the conference.
Most prominent was Marsh, a large international insurance broker and risk consultant. We mention Marsh in particular because together we have signed a memorandum of cooperation that foresees our experts taking part in an audit of industrial enterprises.
The nature of the conference itself has also changed dramatically. Last year, the event was mostly local, with several speakers from European countries, but mostly guests from Russia and the CIS. This time around, we welcomed numerous guests from all over the world, including representatives of our clients and partners from the United States, Canada, Italy, Japan, Sweden, Denmark, Germany, Britain, Switzerland, the UAE, the Philippines, Singapore, and elsewhere.
What’s more, among this year’s speakers were international experts on industrial cybersecurity: Dale Peterson, chairman of the most advanced ICS security conference S4, founder and CEO of Digital Bond, with 17 years’ experience advising industrial companies on ICS security; Eric Byres, a founder of famous Industrial firewall Tofino Security, who alongside his work at ICS Secure is known for creating the BCIT Critical Infrastructure Security Center, the largest US educational center in the field of industrial security; and Marina Krotofil, a recognized industrial security expert and a familiar face at leading ICS security conferences.
Another key change is that guests were not asking “Why should we protect industrial infrastructure from cyberthreats?” but rather “How do we do it most effectively?” Therefore, the stands showing off new developments from Kaspersky Lab’s partners and the company itself aroused special interest. Kaspersky Lab, for example, showed the Kaspersky Industrial Cybersecurity (KICS), with applied machine-learning methods and third-party systems based on our operating system, Kaspersky OS.
Sure, many factors are at play in the change of attitude toward industrial cybersecurity — from the determined efforts of our experts and colleagues from other companies to the all-around improvement in cyberliteracy and, unfortunately, the rising number of incidents. Not least among the latter is WannaCry, which, although not specifically aimed at ICS, accounted for 13.4% of all computers attacked by encryption ransomware inside industrial infrastructures (according to our KLCERT report presented at the conference, which you can view here).
Materials, including key speeches and presentations, are available on the conference website.