Kaspersky Research Uncovers: Nearly 8 Out of 10 Industrial Companies Address Security Issues Only When Compelled by Urgency

Kaspersky Research Uncovers: Nearly 8 Out of 10 Industrial Companies Address Security Issues Only When Compelled by Urgency

In the ever-evolving digital landscape, the importance of robust cybersecurity measures has never been more critical, particularly for industrial organizations. Kaspersky, a leading cybersecurity company, has recommended the adoption of the Secure by Design ideology to bolster defenses against cyber threats.

The Secure by Design approach emphasizes the development of IT and Operational Technology (OT) systems with inherent security built into their architecture and development process. This proactive strategy, at the heart of Kaspersky's Cyber Immunity strategy, aims to create systems resilient against cyberattacks, minimizing vulnerabilities from the outset and reducing the need for costly patching or external defenses later on[1][3].

In industrial settings, where failures or breaches can lead to critical infrastructure damage or operational disruption, Secure by Design ensures that vulnerabilities are addressed during development and deployment phases. Kaspersky specifically recommends adopting Secure by Design when deploying new OT devices or systems to proactively safeguard industrial operations and reduce cyber risk[3].

However, the proliferation of Internet of Things (IoT) devices in industrial organizations necessitates robust cybersecurity measures due to the broadened attack surface. The convergence of IT and OT systems further complicates matters, as there is a pressing need to harmonize these traditionally disparate systems, which have often relied on proprietary technologies rather than open standards[1].

In OT environments, challenges in effective patch management are exacerbated due to limited device visibility, inconsistent vendor patch availability, specialized expertise requirements, and regulatory compliance. A strong and consistent approach to patch management is crucial for industrial companies to mitigate these risks[2].

Alarmingly, a significant number of organizations update their OT systems only every few months or longer, significantly increasing their risk exposure. Kaspersky's Cyber Immunity approach, unlike traditional systems, does not require constant patching[1].

A comprehensive cybersecurity strategy requires complete visibility into an organization's assets. In IT and OT converged environments, a comprehensive asset inventory is insufficient; a risk assessment methodology aligned with operational realities is needed[1].

This inconsistent approach can leave organizations vulnerable in a complex threat landscape. By adopting the Secure by Design ideology and Kaspersky's Cyber Immunity strategy, industrial organizations can maintain stronger defenses, reduce the surface for cyberattacks, lower cybersecurity costs, and enhance long-term operational stability against increasingly sophisticated threats[1][3].

References: [1] Kaspersky. (2021). The Convergence of IT and OT: A New Approach to Cybersecurity. Retrieved from https://usa.kaspersky.com/about/resources/research-reports/the-convergence-of-it-and-ot-a-new-approach-to-cybersecurity [2] Kaspersky. (2021). Patch Management Challenges in OT Environments. Retrieved from https://usa.kaspersky.com/resource-center/infographic/patch-management-challenges-in-ot-environments [3] Kaspersky. (2021). The Importance of Secure by Design in Industrial Cybersecurity. Retrieved from https://usa.kaspersky.com/about/resources/research-reports/the-importance-of-secure-by-design-in-industrial-cybersecurity

1. To address the growing cybersecurity challenges in industrial organizations, Kaspersky advocates the adoption of the Secure by Design approach in the development of IT and Operational Technology (OT) systems.
2. This ideology, at the core of Kaspersky's Cyber Immunity strategy, aims to create cyberattack-resilient systems by minimizing vulnerabilities and reducing the need for costly patching or external defenses.
3. The Cyber Immunity approach, unlike traditional systems, doesn't require constant patching, making it particularly beneficial for industrial organizations with challenges in effective patch management.
4. In the digital landscape where technology convergence (including data-and-cloud-computing and AI) is widespread, a comprehensive cybersecurity strategy, including the Secure by Design approach and AI-driven threat intelligence tools, is crucial for industrial organizations to maintain robust security, lower cybersecurity costs, and enhance long-term operational stability against sophisticated threats.

Read also: