Cloud Security, ICS/SCADA

Cloud technologies omnipresent with ICS operations

An aerial view of a wastewater treatment plant in California.The attempted attack of the water supply in Oldsmar, Fla., was a wake-up call for government agencies. Today’s columnist, John Evans of World Wide Technology, says governments and all organizations need to take a more strategic look at threat modeling to mitigate increased cyberattacks. (...

New research released by Nozomi Networks in tandem with SANS found that 91% of respondents are using cloud technologies to directly support some aspect of industrial control system (ICS) operations.

The report also that all respondents use cloud services for at least one type of cybersecurity function, such as NOC/SOC support, business continuity, and MSSP support.

The use of cloud technologies to also support operational technology (OT) environments – initially for visibility and monitoring and subsequently for core operational aspects – will inexorably increase as the technology stacks underlying modern IT and OT continue to converge, said Oliver Tavakoli, chief technology officer at Vectra.

“The delivery of cybersecurity capabilities in product and service forms are also trending towards cloud and SaaS delivery,” Tavakoli said. “The fact that cloud only makes 13% of respondents’ lists of top-three highest risks of compromise is less a reflection of the security of their cloud usage and more a reflection of the general state of insecurity in other parts of the OT ecosystem.”

While just 40.1% of surveyed individuals responded that they are using cloud-based services for OT/ICS, this more than likely will change in the future,” said Ryan Sydlik, security engineer at Telos Corporation.

“Industrial systems often have a very long life cycle, 20 years being quite common, which greatly reduces adoption rate of new technologies,” said Sydlik. “As businesses utilizing OT/ICS systems begin upgrading and replacing systems, the adoption of cloud technologies is highly likely to rise quite quickly.”

There’s actually some very good news here, said Hitesh Sheth, president and CEO of Vectra. Some 51% say they now detect compromises within 24 hours of an incident – and most move quickly to containment.

“More rapid detection is a step in the right direction,” Sheth said. “And with 91% telling us cloud technologies support ICS operations, it’s an imperative step. I do have two words of advice for the 48% unsure whether their organizations have been compromised. Assume yes.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.