Apr 18, 2019

Industry puts cybersecurity pros in charge

Factory workers assembling a car. Photo: Jerry Cooke/Corbis via Getty Images

After years of dire warnings about hackers wreaking havoc on computers that run physical processes in factories and infrastructure, you’d think industrial firms would already have their top cybersecurity officers running cybersecurity at their plants. Today, that’s the case for only 35% of big facilities — but the situation is finally changing.

Why it matters: The 2 most important things to an industrial business are uptime and efficiency. Where plant owners once worried that cybersecurity pros would meddle with industrial processes they didn't understand, the very real impacts of 2 global cyberattacks in 2016 proved their skills were sorely needed.

The big picture: According to a 2018 Gartner report, only 35% of firms had the chief information security officer's (CISO) department or an equivalent in charge of their industrial networks — often referred to as operational technology (OT) as opposed to business systems, the traditional IT. But that number is projected to double by 2021.

  • “It's a huge trend in just the last 18 months,” said Amit Yoran, CEO of Tenable and the former director of Homeland Security’s United States Computer Emergency Readiness Team.
  • “If you go back a couple of years, the OT people were saying, ‘Those guys don't know anything about OT. We're separate, we're standalone, get out of our space. Now they recognize their networks are completely raided by IT systems.”

The key term to know is “IT/OT convergence.” OT and IT used to be church and state, separated by custom and bureaucratic boundaries. But companies are realizing the dangers of ignoring how quickly OT networks are beginning to look like IT networks.

  • "At first, it made sense to trust those systems to plant managers who may have been there 30-plus years with unblemished records and understood the language," said Ryan Brichant, chief technology officer for OT at the security firm Forescout.

Yes, but: Cybersecurity is increasingly seen as a boon to uptime, rather than an obstacle.

  • As plants invest in connected devices to boost efficiency, they also increase the number of systems vulnerable to attack.
  • Industrial systems are increasingly victims of targeted ransomware, where hackers identify big ticket companies to take hostage.

Why now? The trend of CISOs getting full control of plant cybersecurity predates the growth of targeted ransomware attacks and came years after the first industry warnings that increased connectivity could cause industrial disasters.

  • What really spurred the change appears to be two massive cyberattacks in 2016.
  • "When I talk to CISOs, they say the change in thinking took place around two years ago, after WannaCry and NotPetya," said Brichant.
  • While there's some debate if WannyCry and NotPetya were ransomware or destructive malware meant to look like ransomware, major closures in everything from chip manufacturers to U.S. ports to automotive plants demonstrated the danger.

The expansion of CISO duties has led to a change in how many security firms do business.

  • Several companies have recently consolidated IT and OT products into single platforms to offer a consistent experience on any network. Tenable and Forescout are among them.
  • "CISOs have a pretty large plate and want to be looking at as few screens as possible," said Brichant.

Go deeper

America's future looks a lot like Nevada

Illustration: Sarah Grillo/Axios

Today's Nevada caucus will foreshadow the future of American politics well beyond 2020.

Why it matters: The U.S. is in the midst of a demographic transformation, and the country's future looks a lot like Nevada's present. Today's results, in addition to shaping the 2020 race, will help tell us where politics is headed in a rapidly changing country.

Coronavirus spreads to more countries, and U.S. ups its case count

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

The novel coronavirus continues to spread to more nations, and the U.S. reports a doubling of its confirmed cases to 34 — while noting those are mostly due to repatriated citizens, emphasizing there's no "community spread" yet in the U.S. Meanwhile, Italy reported its first virus-related death on Friday.

The big picture: COVID-19 has now killed at least 2,359 people and infected more than 77,000 others, mostly in mainland China. New countries to announce infections recently include Israel, Lebanon and Iran.

Go deeperArrowUpdated 13 hours ago - Health