Securing Industrial Control Systems Becomes Critical As Manufacturers Add IoT In 2018

More manufacturers are looking to secure IoT applications in 2018, opening up opportunities for the channel around protecting connected, critical infrastructure.

"OT systems are increasingly under attack," said Chet Namboodri, vice president of alliances and business development at San Francisco, Calif.-based Fortinet partner Nozomi Networks. "For industrial companies and the channel that serves them, new advances in OT cybersecurity technologies and services offer the opportunity to gain much needed visibility into industrial networks; and to provide the means to assess, monitor, detect and prevent attacks that could impact the safety and reliability of essential critical infrastructure operations."

The manufacturing vertical is expected to spend the most on the Internet of Things in 2018, according to a December report by research firm IDC. According to IDC’s report, manufacturing companies globally will spend up to $189 billion on IoT solutions, and worldwide spending overall will reach $772 billion in 2018.

[Related: The 10 Biggest IoT Stories Of 2017]

Even as connectivity ramps up in the industrial market, security risks are also peaking as new malware threats continue to hit critical infrastructure systems.

This past month, a new type of malware called Triton has shut down the operations of a critical infrastructure organization, according to security firm FireEye. The malware specifically targets a Schneider Electric product called Triconex, which is a safety instrumented system for industrial plants.

Triton is one of rare publicly identified malicious software families that targets industrial control systems – including Stuxnet, which was used against Iran in 2010; and Industroyer, which was used against Ukraine in 2016.

Security will remain a big issue for these manufacturing companies in the new year – a survey released in December by LNS Research found that only 59 percent of industrial companies use firewalls, and 25 percent plan to implement industrial network monitoring over the next year.

"We've been expecting the manufacturers and water folks to get on board with this in the past two or three years ... We're surprised it's not taking off faster," said Jim Gillespie, CEO of Pittsburgh, Pa.-based GrayMatter. "2018 could be the year where security becomes a top focus for control systems."

For the channel, that opens new opportunities to offer consultative and implementation services around security for the manufacturing space.

Jeff Murray, president of Control Point, a Scarborough, Maine-based operational technology solution provider, works with both IT and OT vendors to securely collect the data from their environments and share that data out of the plant.

"We're finding that more industries are looking to IoT solutions to connect their assets … we're seeing manufacturers and utilities companies are seeing a play here," said Murray.

Vendors are also recognizing the pop up in demand for operational technology security – and are pivoting their channel strategies around industrial control system security.

For instance, Fortinet in December announced a new solution that integrates a ruggedized firewall, switching and wireless access point appliances with FortiGuard industrial threat intelligence so that partners can help industrial customers protect their industrial control systems and SCADA systems.

Equipped with budding interest from customers and support from vendors, channel partners are set for success in securing operational technology environments in 2018.

"Interest in protecting OT has reached new heights in a wide range of industries including manufacturing, oil, gas, utilities, transportation and pharmaceuticals among others," said Nozomi Networks' Namboodri. "This expansion reflects growing awareness for the need to improve ICS cybersecurity. It is creating strong demand for products and services that are specially designed to protect OT networks."