Leading IT companies teamed up to form an alliance to protect industry

More than 10 IT companies, including Microsoft, BlackBerry Cylance, Fortinet and Splunk Tecnology, united efforts to protect the industry and formed an alliance to strengthen security in industrial infrastructures.

Experts from the association, called the Operational Technology Cyber Security Alliance (OTCSA), will prepare practical guides to protect manufacturing processes, critical equipment and systems for the industrial Internet of things.

“A modern industrial enterprise cannot ignore the capabilities of smart sensors, robots and connected devices. However, these decisions destroy the “air gap” that previously protected industry from external malicious activity”, – said the organizers of the new alliance.

These changes result in devastating attacks that plague production around the world. Experts recall how in 2017, Maersk lost millions of dollars due to NotPetya viper. In 2019, several enterprises immediately became victims of the LockerGoga ransomware.

According to researchers, more than 60% of organizations in the oil and gas industry admit that they are unable to detect an advanced attack on their infrastructure. At the same time, almost 80% of industrial companies are confident that in the near future they will face such a threat.

Read also: BitPaymer attack blocked industrial giant Pilz

Alliance members intend to improve the situation by developing the interaction between industry and IT companies. They formulate the main objectives of this cooperation as following:

1. Strengthen the resilience of industrial environments to information security risks through better IT and automation capabilities.
2. Provide operators of industrial systems with instructions for monitoring infrastructure based on existing standards and risk management principles.
3. Increase the competence of the creators of industrial systems in relation to secure software architectures, relevant interfaces and security functions.
4. Provide support for secure critical infrastructures throughout their life cycle – from the first development steps to deployment to the enterprise and on-site maintenance.
5. Accelerate the transition to secure critical infrastructure systems.

To achieve these goals, OTCSA will form three working groups that will divide tasks among themselves depending on their relevance and perspective. The first group will deal with strategic issues, applying the Purdue Model concept to create safe manufacturing practices.

The second experts will focus on providing operators of industrial systems with control over the enterprise’s IT assets — production nodes, software systems, and network resources.

The efforts of the third group will be focused on protecting industrial devices that are today vulnerable by definition. These experts will work on solutions for traffic segmentation and analysis, on the development of secure protocols, data encryption and endpoint security.

“Such groups created earlier are too busy developing new standards and think little about how they are applied in the real world. OTCSA practical guides will address this gap so that industry professionals better understand the value of the proposed technical measures. As a result, enterprises will be able to correctly assess existing risks, rank vulnerabilities and manage their assets based on potential damage from malicious activity”, – report creators of OTCSA.