Jan. 25, 2017
Photo - (From left) Vineet Gupta, Presales Manager, KICS, APAC, Kaspersky Lab; Anton Shipulin, Global Presales Manager, Critical Infrastructure Protection Business Development, Kaspersky Lab; Sylvia Ng, General Manager, Kaspersky Lab - SEA; Andrey Suvorov, Head of Critical Infrastructure Protection, Kaspersky Lab and Senior Key Account Manager, KICS, APAC, Kaspersky Lab in Kuala Lumpur.
Fixing weak links
Kalkat said that historically, an ICS operating team may not able to recognise social engineering attacks, recognise unsafe actions and become a solid stage of cyber security in their organisations.
As ICS organisations may not be able to afford significant investment into security personnel, their cyber security response plan may assume that some external organisation is involved for incident coordination, analysis and response actions.
He said the company therefore developed a holistic specialised solution to secure critical infrastructure and industrial facilities in Malaysia called Kaspersky Industrial CyberSecurity (KICS).
"Our solution can ensure the cybersecurity of the technology cycle at all levels of the automated process control," said Kalkat. "We are also actively cooperating with manufacturers of automation systems to develop equipment that takes new cybersecurity standards and requirements into consideration."
He said the KICS offering included a combination of conventional security technologies, adapted for an ICS environment, such as anti-malware protection, whitelisting and vulnerability assessment functionality. "This strong foundation is further enhanced with unique technologies designed specifically for industrial environments, including integrity check for programmable logic controller (PLC), semantic monitoring of process control commands and telemetry data to detect cyber-attacks targeting the physical part of an infrastructure."
Kalkat said that other unique security requirements included delivering protection to the ICS network at the layers most vulnerable to cyber-attacks - ICS/SCADA servers, HMI panels, engineering workstations, PLCs and more - securing them from cyber-threats without affecting operational continuity and consistency of the technological process. (Visit Kaspersky Lab's website for more technical details.)
He added: "The best takeaway from mission-critical experience is the need to have the right attitude. When you know that the wrong software update can cause an hour's outage and losses of thousands of dollars per minute, you must alter your approach.""
The first version of this article appeared on Computerworld Malaysia 25 January 2017.