Forrester Research Report on ICS Security & Our Take on the Role of OPSWAT

OPSWAT is listed as a vendor in the large category within the report, Now Tech Industrial Control Systems (ICS) Security Solutions Q2 2021, which provides an overview of 28 ICS Security Solutions providers. Published by Forrester Research, Inc., a leading global research and advisory firm, the report is about ICS security and highlights the importance of threat prevention solutions.

The Critical Risk to ICS

ICS, such as SCADA, are an essential component of operational technology (OT) for many critical infrastructure sectors. ICS and OT environments are attractive targets for cyberattacks because of their critical nature. Successful attacks have resulted in real-world service interruptions.

Ransomware, which encrypts systems/files and demands payment for access, has emerged as the de facto threat to ICS. The Colonial Pipeline cyberattack was a catastrophic ransomware outbreak that forced the company to temporarily halt its pipeline operations and cost nearly $5 million.

According to “Now Tech Industrial Control Systems (ICS) Security Solutions Q2 2021,” Forrester Research, Inc., July 16, 2021, “In the past year, [Forrester has] observed more ransomware designed to detect data historians and other types of technologies common in OT environments. Prior to that, most threats to industrial systems were from state-nexus actors. The threat landscape for critical infrastructure and industrial asset owners is expanding every year.”

Beyond ransomware, many industrial control systems are vulnerable to exploits and attacks. One prominent example is Stuxnet, a malicious worm that targeted SCADA systems. Stuxnet was notable because it caused the physical damage of nuclear centrifuges by spinning so fast that they tore themselves apart. It has been reported that Stuxnet was implanted through a malicious memory stick.

Transient devices and portable media, such as USB keys, represent a major source of risk to ICS. Careless employees may unwittingly introduce infected files or media into these systems. Malicious insiders may steal confidential information. Sensitive data may be accidentally exposed in the process of exporting log files for monitoring solutions.

The Role of Threat Prevention in ICS Security

According to “Now Tech Industrial Control Systems (ICS) Security Solutions Q2 2021,” Forrester Research, Inc., July 16, 2021, “Treat all networks as untrusted — a core Zero Trust principle — including corporate IT. ICS-aware firewalls and secure remote access solutions will help prevent threats from crossing the IT-OT DMZ and ensure only authorized changes are made to PLCs and safety systems. These controls are ICS-protocol aware, unlike most conventional IT firewalls and networking gear. They offer deep packet inspection of ICS protocols and are able to block communications over those specific protocols from leaving the OT environment.”

OPSWAT solutions enable organizations to secure file transfers and data access across security domains and security zones (i.e. DMZ between IT and OT networks). Organizations can manage and authorize users, files and devices. Security teams can mitigate vulnerabilities, malicious code and unauthorized access of transient cyber assets and removable media. Core functionality includes multiscanning using multiple antimalware engines that results in malware detection rates exceeding 99%, content disarm and reconstruction (CDR) that neutralizes zero-day attacks by reconstructing and sanitizing files, and proactive data loss prevention (DLP) that automatically redacts confidential information.

• MetaDefender Kiosk – Protect ICS with the physical presence of MetaDefender Kiosk, which scans more than 20 removable media types, including USB keys, CD/DVD, mobile phones and 3.5” diskettes for malicious files and zero-day attacks via unauthorized removable media usage.
• MetaDefender Vault – Securely transfer files from across security zones and secure file storage and retrieval. Integrate with MetaDefender Kiosk to enhance the security of file transfers across any networks without physical access to media inside the security zones.
• MetaDefender Drive – Inspect and analyze any unknown or risky transient cyber assets in the field with a portable security solution.
• MetaDefender USB Firewall – Complement MetaDefender Kiosk to provide an additional line of physical defense by automatically blocking unprocessed or compromised USB keys prior to being inserted into any critical assets in the ICS environment.

Conclusion

As cyberattacks on ICS continue to rise, so does the importance of threat prevention solutions. OPSWAT provides a robust suite of innovative solutions for organizations to protect their ICS.

To learn more, please visit - https://www.opswat.com/solutions/cross-domain-solutions

References/Citations

* Now Tech: Industrial Control Systems (ICS) Security Solutions Q2 2021, Forrester Research Inc., July 2021

For more information, please contact one of our critical infrastructure cybersecurity experts.