IBM Security Global Forum


IBM Security X-Force participates in inaugural Elite Cyber Defenders Incident Response Program

By Sameer Koranne posted Tue April 25, 2023 05:16 PM


Organizations operating critical infrastructure sustain themselves and thrive through an intricate mesh of supply chains for raw materials and finished goods in B2B and B2C markets. This has a flip side, however: it can make organizations susceptible to the “butterfly effect”. The butterfly effect occurs when a small change to a sensitive dependency within a supply chain results in large, unpredictable impacts in the future due to the complexity of the system. The pandemic taught the world this in a harsh way, with semiconductor manufacturing as a great example.

While organizations have improved their supply chain resilience in recent years, cybersecurity attacks have still gained momentum. The 2023 IBM Security X-Force Threat Intelligence Index reported that manufacturing has maintained the top spot as the most attacked industry for the 2nd year in a row. Manufacturing and energy sectors together account for more than 35% of attacks that IBM X-Force responded to in 2022.

Why the increase in attacks? Macro analysis can provide many important insights. Organizations are transforming rapidly to remain relevant in a competitive and aggressive market. Sustainability and profitability are driving digital transformation efforts. Companies are adding new technology to gather data from sources that were untapped in the past. In turn, they are also storing and processing massive amounts of data. This transformation, also known as Industry 4.0, is delivering business value by improving reliability, processes, equipment, and materials. However, it also increases the attack surface.

At the same time, while organizations are adding new technology, the core business is still highly dependent on Industrial Control Systems (ICS), also known as Operational Technology (OT). It is no surprise to anyone that these systems have a very long lifecycle. “If it ain’t broke, don’t fix it” is very cliché, yet control system and cybersecurity experts likely fight this battle every day. One must note that upgrading or replacing these systems is not a simple task. System migration projects (upgrades or replacements) require steep capital investment and intricate project planning that goes through several engineering stages. A migration project is not just about replacing PLCs, HMIs and I/Os. Before undertaking an automation upgrade project, the project team must examine several areas of the automation system, such as regulations and permits, ancillary systems and space requirements, field devices and infrastructure, and network infrastructure and connectivity. Due to the scale of investment and the complexity, it is hard to gain investment commitments to upgrade automation systems.

These critical infrastructure organizations and technologies need a robust Incident Response (IR) Program that can support the operational teams with the right processes, skills, experience, and tools.

IBM’s X-Force IR has been supporting critical infrastructure organizations around the globe, improving OT/IoT incident response capabilities. X-Force IR helps organizations prepare for the worst-case scenario with preparedness planning and delivers rapid response to incidents with remote or boots-on-the-ground emergency incident support. The services are globally available and support complex and critical infrastructures and industry-specific operations. It is one team that supports organizations across IT, OT, IoT, and emerging technologies.

IBM truly believes that security is a team sport. In addition to our own extensive portfolio, we also bring to bear the capabilities of our extensive ecosystem partners to help solve our clients’ most critical challenges. The partnership with Nozomi Networks, Inc. is a great testament to that. IBM is the Nozomi Certified Managed Security Service Provider (MSSP) Elite Partner and manages services using Nozomi products for several organizations around the globe. Integration of Nozomi products with QRadar provides complete real-time visibility and threat detection for IT/OT.

IBM X-Force IR is extending and enhancing this partnership by participating in the inaugural “Elite Cyber Defenders Incident Response Program” (ECDIR). Elite Cyber Defenders can provide the necessary resources to respond to cyber incidents amidst the ongoing skills shortages. This technology-led, collaborative initiative provides critical infrastructure customers with access to superior cybersecurity defense tools, expert-trained field resources, and industry-leading threat intelligence curated specifically for operational technology environments. The initiative will provide timely visibility and agility during critical phases of incident response, threat hunting exercises, and proactive incident response engagements.

IBM aims to further enhance the partnership in areas such as incident response, research, and threat intelligence sharing across Cloud, IT, OT and IoT.
