




















Several hundred people attended the Industrial Cybersecurity – Today and Tomorrow cybersecurity workshop at the 2023 ARC Forum in Orlando, Florida. This informative session provided attendees with an update on the many developments impacting critical infrastructure security. It also served as the kickoff for a full day of industrial cybersecurity presentations and panel discussions.
The session started with a presentation by ARC vice president and cybersecurity practice leader Sid Snitkin that discussed ARC’s research on the current state of industrial cybersecurity and improvements companies will need to enable secure adoption of new digital transformation strategies and technologies.
Presentations by Jason Burt and Klint Walker, representatives of the US Cybersecurity and Infrastructure Security Agency (CISA), followed and provided attendees with useful information about today’s threat landscape and recent incidents such as Colonial Pipeline. They also described the significant expansion that has occurred in CISA’s capabilities and the many free services the agency offers to strengthen the defenses of the country’s critical infrastructure.
ARC’s presentation used the company’s Industrial/OT Cybersecurity Maturity Model to discuss the status of industrial cybersecurity programs and the need for stronger defenses. A key benefit of this ARC model is how it highlights the need to maintain alignment of people, processes, and technology capabilities. Security technologies must be maintained to be effective and security teams need the right tools to effectively perform these tasks. Likewise, cybersecurity professionals are only effective when they have good visibility of risks and the ability to rapidly isolate and remediate threats. The real effectiveness of a cybersecurity program, or its maturity, is determined by the weakest element.
As the figure shows, most industrial IT cybersecurity programs are significantly more mature than those for OT. IT security programs include passive and active defenses. They also have teams of cybersecurity professionals equipped with advanced cybersecurity management solutions to help them maintain security posture and manage attacks. Typical OT cybersecurity programs only have passive defenses and many lack the people and security tools to maintain them. Few OT systems have the active defense capabilities needed to detect and manage ransomware and sophisticated attacks. They likewise lack the resources and expertise to ensure secure deployment of new digital transformation efforts.
This situation is placing many facilities at risk of serious cyber incidents, and the risks are growing rapidly as attackers become more sophisticated, companies deploy unmanageable IoT devices, and connections with external resources proliferate. Closing the maturity gaps between OT and IT cybersecurity programs is an urgent issue that every facility needs to address.
The CISA presentations started with an overview of the agency and its mission. They noted that the security of our nation’s critical infrastructure is a vital concern for the U.S. government and described how CISA leads the national effort to understand, manage, and reduce risks to cyber and physical infrastructure. Jason and Klint are members of the agency’s Cybersecurity Advisor (CSA) program, which has personnel deployed across the United States.
Keywords: ARC Industry Forum, Industrial Cybersecurity, Critical Infrastructure, OT, Workshops, CISA, ARC Advisory Group.