Securing Critical Infrastructure Needs Technology with Attitude
Author(s): Stephen McCarney, Posted on May 23rd, 2014
Critical infrastructure organizations across the globe rely on supervisory control and data acquisition (SCADA) and industrial control systems (ICS) to keep operations going 100 percent of the time without fail. According to the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), there was about a 23 percent increase in reported incidents between 2012 and 2013. STUXNET and other successful cyber attacks opened the eyes of many in the critical infrastructure community a few years ago. Now, with cyber assaults continuing to escalate in frequency, scale and sophistication, executives in critical infrastructure organizations are taking action.
While dissecting security vulnerabilities within a SCADA and ICS environment is interesting and important, there is a common thread that ties many vulnerabilities together: legacy systems and technologies are making critical operations susceptible to advanced persistent threats (APT) and other increasingly sophisticated cyber attacks. Equally challenging are malicious and unsuspecting insider threats. To tackle these issues, critical infrastructure executives in energy, industrial manufacturing and other critical infrastructure sectors are scrambling to upgrade their systems. Tightening regulatory requirements are accelerating the need to do so.
But is upgrading really the right approach to tackle the systemic issue underlying today’s relentless cyber assaults on critical infrastructure organizations?
Yes – but only as long as you also upgrade how you think about security. Research and Markets forecasts the Global SCADA market will grow at a CAGR of 6.96 percent over the period 2013-2018. But through that growth, organizations must transform from a state of vulnerability to a state of mission-critical security. Achieving this requires technology with an attitude — an attitude whose mission is to help critical infrastructure executives get to zero incidents. Is this really possible?
“Innovating to zero” is a concept, according to Frost & Sullivan, that more and more executives are seeing as a real possibility. It refers to a world of zero emissions, zero accidents, zero fatalities, and zero security breaches. Breaking the cycle of temporary patchwork solutions is important if executives want to get to zero incidents. Innovative technologies play a critical role in supporting this transformation.
Today we have sophisticated technology solutions that can improve safety, protect critical data and systems, facilitate compliance, and reduce costs – all at the same time. This is what award-winning Unisys Stealth™ can help critical infrastructure organizations achieve. Behind the innovative attitude of the technology’s mission lies an effective combination of making endpoints invisible, isolating systems and tightening access control based on user identity. This means hackers or other unauthorized parties inside or outside your organization cannot access – or even see — the systems and data. It’s something Network World product reviewer David Strom noted in his May 2014 article, Unisys unveils invisibility cloak for network traffic, that “might just be a great way to hide from hackers.”