CxO Insights with Michael Murray: “The level of cybersecurity awareness is as high as I have ever seen it”
As connectivity to the outside world grows, security is becoming one of the most important topics in industrial IT and Operational Technology. In this interview, Michael Murray, SVP and GM Cyber Physical at BlackRidge Technology, responds to our questions focused on ICS security.
Carolina Rudinschi: How would you rate the level of cybersecurity awareness among industry in general? Why?
Michael Murray: The awareness in the industry is as high as I have ever seen it. Large manufacturers we spoke with in the IoT Infrastructure Pavilion at CES 2019 said their digital automation and transformation initiatives are being held back by the risk from putting their Operational Technology (OT) devices on IT networks. For manufacturing companies and infrastructure operators the risks from vulnerable IoT systems involve not just data and intellectual property loss but potential loss of life — costly enough risks to make many organizations pause.
Carolina Rudinschi: What are the top cybersecurity concerns faced by industrial enterprises today?
Michael Murray: The top concern is the risk from the increasing attack surface, given how digital automation drives the requirement that everything be interconnected. The hardware used in OT environments typically has a shelf life of a decade or longer, meaning the organizations tasked with operating and managing factory automation or critical infrastructure must find a way to protect legacy equipment with known vulnerabilities that needs to be secured. This is the brownfield problem that we are all facing.
Carolina Rudinschi: Last year, a research report from (ISC)² revealed a worldwide cybersecurity skills gap of 2.9 million. How much is the industrial sector affected and what’s the solution?
Michael Murray: All of the industrial sector is affected – with a steep learning curve to not only protect their legacy systems or brownfield environment, but also to understand how to create and maintain a strong security posture with their vendors. A key part of the solution is to establish a shared responsibility model between their internal IT security teams and their external vendors and service providers, working together to promote safe and secure IIoT deployments that enable effective protection of their existing and new IIoT devices.
Carolina Rudinschi: What’s the hardest thing to explain to a client when talking about ICS security implementation?
Michael Murray: Right now the attackers likely have the advantage, but it is possible to change the dynamic if you make an immediate shift and dedicate investment into protecting your legacy ICS. If you don’t connect your systems, you will fall behind the competitive curve of digital automation – and will still be vulnerable to air gap hacking strategies, like Stuxnet, regardless. As an example, many test equipment vendors who have been reluctant to connect their systems to take advantage of condition-based monitoring are falling behind those competitors who enable their customers to do planned maintenance and asset monitoring for efficiencies.
Carolina Rudinschi: What should define a vendor that provides cybersecurity solutions for industrial players to stand out from the crowd?
Michael Murray: A cybersecurity solutions vendor, or any vendor of industrial control systems, should be defined by their commitment to promoting shared responsibility for safe and secure IoT deployments. A great example of this is the shared responsibility initiative undertaken by PTC. This includes disclosing breaches or attempted attacks that don’t need to be disclosed by law but may still affect their customers and suppliers. Knowing what types of attacks are taking place, and which ones are successful, can help organizations defend themselves more effectively.
Carolina Rudinschi: What is next on the horizon for BlackRidge Technology?
Michael Murray: At CES, we introduced a new family of BlackRidge Transport Access Control identity devices (TAC-ID) to protect legacy systems and support the secure convergence of operational technology and information technology networks. These devices enable legacy equipment in factories, hospitals and critical infrastructure architectures to be protected and for their network connections to servers and cloud environments to be authenticated based on their identity. This effectively lets organizations establish end-to-end trust by transporting identity through the stack – across already installed sensors to clouds and IoT analytics servers – cost effectively and with minimal latency added to the network. BlackRidge has a hardware, software and licensing roadmap for IIoT identity and network security vendors for OEMs to use BlackRidge’s TAC-ID device today while they plan for future integration.
We will also continue to push forward with industry partners to define a reference framework for ICS segmentation and segregation to protect critical infrastructure.