Kaspersky Lab: Safeguarding Enterprises and Critical Infrastructure in the Energy Industry
By Ndubuisi Micheal Obineme
Riaan Badenhorst, Managing Director, Kaspersky Lab Africa has provided an overview of its company’s technological solutions on Safeguarding Enterprises and Critical Infrastructure in the Energy Industry.
Speaking to Oil and Gas Republic correspondent, Riaan Badenhorst said that, Kaspersky Lab have identified a few key challenging areas within the energy sector that need more attention, in order to safeguard enterprises and critical Infrastructure in thisindustry. These include:
- Open and unprotected communication lines between protection and control system components, as well as between power infrastructure facilities.
- Lack of cybersecurity awareness among employees – a limited number of technical personnel maintain large numbers of devices that are oftendistributed on a territory and function without permanent monitoring. On-site personnel often lack even a basic knowledge of cybersecurity.
- Security requirements are not followed – information security requirements are rarely considered in the device or software design anddevelopment processes for technological infrastructures.
- Complexities of contractor access control – the use of contracting organisations for certain types of maintenance work is common.Consequently however, it is extremely important to provide only temporary access to a limitedamount of equipment that has no influence on other system components, and cancellation ofaccess on completion of the work is vital.
- Long lifetime of vulnerable components – the lifetime of devices and protection and control systems is 20-30 years. This means that insecure systemsinstalled today will only be replaced in a couple of decades or so.
In addition to this, he said, “the lack of guidelines defining actions to be taken when suspicious activity is detected within automated systems, also leads to an organisation being vulnerable. Furthermore, the lack of documents and practices relating to the investigation of disturbances in technological environments – including malicious influence on control systems through information technologies, also leads to further vulnerability (for example, due to their age, some reference documents for the investigation and classification of technological disturbances do not even consider cybersecurity incidents as a possible cause of malfunction)”
“If such an incident even takes place, the concern is that the real causes will not be revealed. As a result, the appropriate measures will not be taken and the incident may reoccur. Given these realities, it is evident that the energy sector needs to invest in IY security that effectively safeguards their infrastructure and takes all of the above into account, he added”
The IEC 62351 “Power systems management and associated information exchange – Data and communications security” standard describes in detail the possible tools for complex information security provision at electric power facilities. However, most of the proposed solutions can only be implemented with a complete replacement of automation devices as soon as they require format and communication protocol procedure modifications. Even though a full implementation of IEC 62351 looks like a distant prospect under the circumstances, part of the requirements can be fulfilled and applied to modern systems. Kaspersky Industrial CyberSecurity (KICS)is a holistic solution for industrial infrastructures that fulfills these requirements.