The current transformations in the architecture and functionality of modern industrial systems predict the emergence of even more IT elements, network connections, and remote data communications - deepening the need for IT security.
Increasing spread of cyber-physical systems | Network-connected, programmable equipment
Industrial automation and process Control Systems (ICS) are the foundation of critical infrastructures and economic production, so their reliable and secure operation is essential for society.
These systems consist of networked programmable devices that have similar security vulnerabilities as traditional computers, allowing for a variety of attacks. Attacks on industrial systems however can be more severe than on an office environment, as physical consequences, equipment failure, personal injury or even environmental pollution could occur.
ICS systems are no longer IT-isolated, but for increased efficiency, they can be accessed, managed, and maintained from other systems over a network connection - opening up the possibility for remote attacks from cyberspace.
The systems of industrial companies, and especially of critical infrastructure providers, have traditionally been very vulnerable to cyber-attacks. They are lagging far behind, and by their nature are more difficult to protect, as they need to be remotely accessible and unobstructed for operational and intervention purposes. These systems have a much longer lifespan, and as such, they are more outdated and have not been designed with IT security in mind. Due to the specifics of the industry, in many cases, “traditional” IT security solutions cannot be applied as-is.